[Users] DNS reverse configuration
This is a multi-part message in MIME format. --------------030000020905080205090702 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi all! I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is ActiveDirectory complaint. But when I use engine-manage-domains, it returns me a strange message: [root@ovirt-dir eduardo]# engine-manage-domains -action=add -domain=gsr.inpe.br -provider=activeDirectory -user=Administrator -interactive Enter password: Error: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic domain is: getconnection: driver class name=org.postgresql.xa.pgxadatasourcegetconnection: url=jdbc:postgresql://localhost:5432/enginegetconnection: considering encrypted passord. secdomain=encryptdbpasswordexecute: beginning execution of action action_get.fetching key=domainname ver=general Failure while applying Kerberos configuration. Details: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record. Using host command, I got the following results: [root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br ovirt-dir.gsr.inpe.br has address 150.163.80.125 [root@ovirt-dir eduardo]# host 150.163.80.125 125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br. [root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br _kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br. [root@ovirt-dir eduardo]# host samba4.gsr.inpe.br samba4.gsr.inpe.br has address 150.163.73.109 [root@ovirt-dir eduardo]# host 150.163.73.109 109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br. As you can see, it is everything ok. No DNS problem. Someone have any idea? Thanks. --------------030000020905080205090702 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit <html> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> </head> <body bgcolor="#FFFFFF" text="#000000"> Hi all!<br> <br> I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is ActiveDirectory complaint. But when I use engine-manage-domains, it returns me a strange message:<br> <br> <small>[root@ovirt-dir eduardo]# engine-manage-domains -action=add -domain=gsr.inpe.br -provider=activeDirectory -user=Administrator -interactive<br> Enter password:<br> <br> Error: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic domain is: getconnection: driver class name=org.postgresql.xa.pgxadatasourcegetconnection: url=jdbc:postgresql://localhost:5432/enginegetconnection: considering encrypted passord. secdomain=encryptdbpasswordexecute: beginning execution of action action_get.fetching key=domainname ver=general<br> Failure while applying Kerberos configuration. Details: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.<br> <br> <big><big><small>Using host command, I got the following results:<br> <small><br> [root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br<br> ovirt-dir.gsr.inpe.br has address 150.163.80.125<br> <br> [root@ovirt-dir eduardo]# host 150.163.80.125<br> 125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br.<br> <br> [root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br<br> _kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br.<br> <br> [root@ovirt-dir eduardo]# host samba4.gsr.inpe.br<br> samba4.gsr.inpe.br has address 150.163.73.109<br> <br> [root@ovirt-dir eduardo]# host 150.163.73.109<br> 109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br.<br> <br> <big>As you can see, it is everything ok. No DNS problem.<br> <br> Someone have any idea?<br> <br> Thanks.<br> </big></small></small></big></big></small> </body> </html> --------------030000020905080205090702--
I have successfully gotten samba4 to work with ovirt but I could not use the Administrator user. I had to create another admin user to. Get it to work. Chris Noffsinger -----Original Message----- From: Eduardo Ramos <eduardo@freedominterface.org> Sender: users-bounces@ovirt.org Date: Thu, 04 Apr 2013 15:45:36 To: <users@ovirt.org> Subject: [Users] DNS reverse configuration _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
On Thu, Apr 4, 2013 at 8:48 PM, Chris Noffsinger wrote:
I have successfully gotten samba4 to work with ovirt but I could not use the Administrator user.
I had to create another admin user to. Get it to work. Chris Noffsinger
It is intended to be so and I think it is the right thing to separate respective roles. I had to do the same with FreeIPA. Gianluca
Even though ovirt-engine did not tried connect to samba4, I used another user. The issue is that engine-manage-domains said not found PTR entry, although host/nslookup/dig command say the opposite. Is there any detail? On 04/04/2013 05:36 PM, Gianluca Cecchi wrote:
On Thu, Apr 4, 2013 at 8:48 PM, Chris Noffsinger wrote:
I have successfully gotten samba4 to work with ovirt but I could not use the Administrator user.
I had to create another admin user to. Get it to work. Chris Noffsinger It is intended to be so and I think it is the right thing to separate respective roles. I had to do the same with FreeIPA.
Gianluca
Hello everybody, Is there some howto or some procedure to connect Samba4 to oVirt 3.1 and what components are necessary to install and configure?, René, can you post all steps to configure it to have oVirt working with Sanba 4, please? Many thanks in avanced, Juanjo. On Fri, Apr 5, 2013 at 1:28 PM, Eduardo Ramos <eduardo@freedominterface.org>wrote:
Even though ovirt-engine did not tried connect to samba4, I used another user. The issue is that engine-manage-domains said not found PTR entry, although host/nslookup/dig command say the opposite. Is there any detail?
On 04/04/2013 05:36 PM, Gianluca Cecchi wrote:
On Thu, Apr 4, 2013 at 8:48 PM, Chris Noffsinger wrote:
I have successfully gotten samba4 to work with ovirt but I could not use the Administrator user.
I had to create another admin user to. Get it to work. Chris Noffsinger
It is intended to be so and I think it is the right thing to separate respective roles. I had to do the same with FreeIPA.
Gianluca
______________________________**_________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/**mailman/listinfo/users<http://lists.ovirt.org/mailman/listinfo/users>
On Fri, 2013-04-05 at 14:21 +0200, Juan Jose wrote:
Hello everybody,
Is there some howto or some procedure to connect Samba4 to oVirt 3.1 and what components are necessary to install and configure?, René, can you post all steps to configure it to have oVirt working with Sanba 4, please?
Sorry, can't give you detailed information on how to create a Samba 4 directory (use UCS appliance) - there is plenty of documentation in the internet on how to do that. To connect oVirt to your existing Samba domain, use the DNS server from your samba server on your ovirt-engine host (don't do replication to external bind servers, as this causes some issues). You have to make sure, that you have valid forward (A) and reverse (PTR) DNS entries for your ovirt-engine host and SRV records for LDAP, Kerberos,... (but these should be created by default and are required for your Windows clients, too). You can join your Samba4 domain with "engine-manage-domains -provider=ActiveDirectory ..." I hope this helps you a bit.
Many thanks in avanced,
Juanjo.
On Fri, Apr 5, 2013 at 1:28 PM, Eduardo Ramos <eduardo@freedominterface.org> wrote: Even though ovirt-engine did not tried connect to samba4, I used another user. The issue is that engine-manage-domains said not found PTR entry, although host/nslookup/dig command say the opposite. Is there any detail?
On 04/04/2013 05:36 PM, Gianluca Cecchi wrote: On Thu, Apr 4, 2013 at 8:48 PM, Chris Noffsinger wrote: I have successfully gotten samba4 to work with ovirt but I could not use the Administrator user.
I had to create another admin user to. Get it to work. Chris Noffsinger It is intended to be so and I think it is the right thing to separate respective roles. I had to do the same with FreeIPA.
Gianluca
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
I wish that I had documented it, because I have now reinstalled that management server. But I do believe that I had to put my realms manually into /etc/krb5.conf to get it to work. On Fri, Apr 5, 2013 at 8:21 AM, Juan Jose <jj197005@gmail.com> wrote:
Hello everybody,
Is there some howto or some procedure to connect Samba4 to oVirt 3.1 and what components are necessary to install and configure?, René, can you post all steps to configure it to have oVirt working with Sanba 4, please?
Many thanks in avanced,
Juanjo.
On Fri, Apr 5, 2013 at 1:28 PM, Eduardo Ramos < eduardo@freedominterface.org> wrote:
Even though ovirt-engine did not tried connect to samba4, I used another user. The issue is that engine-manage-domains said not found PTR entry, although host/nslookup/dig command say the opposite. Is there any detail?
On 04/04/2013 05:36 PM, Gianluca Cecchi wrote:
On Thu, Apr 4, 2013 at 8:48 PM, Chris Noffsinger wrote:
I have successfully gotten samba4 to work with ovirt but I could not use the Administrator user.
I had to create another admin user to. Get it to work. Chris Noffsinger
It is intended to be so and I think it is the right thing to separate respective roles. I had to do the same with FreeIPA.
Gianluca
______________________________**_________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/**mailman/listinfo/users<http://lists.ovirt.org/mailman/listinfo/users>
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
-- Chris Noffsinger
On Thu, 2013-04-04 at 18:48 +0000, Chris Noffsinger wrote:
I have successfully gotten samba4 to work with ovirt but I could not use the Administrator user.
I had to create another admin user to. Get it to work.
I can confirm that it's possible to use oVirt/RHEV with Samba 4 - tested RHEV 3.0/3.1 with Univention Corporate Server which is a SBS server on Linux base with Samba 4. For RHEV it's not recommended to use Administrator for Active Directory even if it works mostly. Did it several times where it worked fine with Microsoft Active Directory - not sure if I faced isses with Administrator user. But in general it's better to have an other user with admin permissions, as this will always work (if you set up DNS correctly). Regards, René
Chris Noffsinger
-----Original Message----- From: Eduardo Ramos <eduardo@freedominterface.org> Sender: users-bounces@ovirt.org Date: Thu, 04 Apr 2013 15:45:36 To: <users@ovirt.org> Subject: [Users] DNS reverse configuration
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
This is a multi-part message in MIME format. --------------000006020408030106050107 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit On 04/04/2013 09:45 PM, Eduardo Ramos wrote:
Hi all!
I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is ActiveDirectory complaint. But when I use engine-manage-domains, it returns me a strange message:
[root@ovirt-dir eduardo]# engine-manage-domains -action=add -domain=gsr.inpe.br -provider=activeDirectory -user=Administrator -interactive Enter password:
Error: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic domain is: getconnection: driver class name=org.postgresql.xa.pgxadatasourcegetconnection: url=jdbc:postgresql://localhost:5432/enginegetconnection: considering encrypted passord.
it looks like engine-config have problems opening a db connection. The DNS reported error is a bug and is shown due to the connection error. you should get that same error if you'll use $ engine.config -a you have some problem connecting to the localhost postgres instance using the password entered during setup probably. is your postgresql instance up the engine is able to connect to the db? engine-config is getting the password from the same source where the engine does. also, a PTR record is no longer needed since openjdk 7 due to a change in the impl of the krb5 module.
secdomain=encryptdbpasswordexecute: beginning execution of action action_get.fetching key=domainname ver=general Failure while applying Kerberos configuration. Details: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.
Using host command, I got the following results:
[root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br ovirt-dir.gsr.inpe.br has address 150.163.80.125
[root@ovirt-dir eduardo]# host 150.163.80.125 125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br.
[root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br _kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br.
[root@ovirt-dir eduardo]# host samba4.gsr.inpe.br samba4.gsr.inpe.br has address 150.163.73.109
[root@ovirt-dir eduardo]# host 150.163.73.109 109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br.
As you can see, it is everything ok. No DNS problem.
Someone have any idea?
Thanks.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--------------000006020408030106050107 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <div class="moz-cite-prefix">On 04/04/2013 09:45 PM, Eduardo Ramos wrote:<br> </div> <blockquote cite="mid:515DCA50.1050003@freedominterface.org" type="cite"> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> Hi all!<br> <br> I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is ActiveDirectory complaint. But when I use engine-manage-domains, it returns me a strange message:<br> <br> <small>[root@ovirt-dir eduardo]# engine-manage-domains -action=add -domain=gsr.inpe.br -provider=activeDirectory -user=Administrator -interactive<br> Enter password:<br> <br> Error: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic domain is: getconnection: driver class name=org.postgresql.xa.pgxadatasourcegetconnection: url=jdbc:postgresql://localhost:5432/enginegetconnection: considering encrypted passord. </small></blockquote> <br> <br> it looks like engine-config have problems opening a db connection. The DNS reported error is a bug and is shown due to the connection error. <br> <br> you should get that same error if you'll use<br> $ engine.config -a<br> <br> you have some problem connecting to the localhost postgres instance using the password entered during setup probably.<br> <br> is your postgresql instance up the engine is able to connect to the db? engine-config is getting the password from the same source where the engine does.<br> <br> also, a PTR record is no longer needed since openjdk 7 due to a change in the impl of the krb5 module.<br> <br> <br> <blockquote cite="mid:515DCA50.1050003@freedominterface.org" type="cite"><small>secdomain=encryptdbpasswordexecute: beginning execution of action action_get.fetching key=domainname ver=general<br> Failure while applying Kerberos configuration. Details: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.<br> <br> <big><big><small>Using host command, I got the following results:<br> <small><br> [root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br<br> ovirt-dir.gsr.inpe.br has address 150.163.80.125<br> <br> [root@ovirt-dir eduardo]# host 150.163.80.125<br> 125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br.<br> <br> [root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br<br> _kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br.<br> <br> [root@ovirt-dir eduardo]# host samba4.gsr.inpe.br<br> samba4.gsr.inpe.br has address 150.163.73.109<br> <br> [root@ovirt-dir eduardo]# host 150.163.73.109<br> 109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br.<br> <br> <big>As you can see, it is everything ok. No DNS problem.<br> <br> Someone have any idea?<br> <br> Thanks.<br> </big></small></small></big></big></small> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> <br> </body> </html> --------------000006020408030106050107--
This is a multi-part message in MIME format. --------------040405030001090902060004 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi Roy! In fact "engine-config -a" works fine. It shows me the db config content. By the way, that engine is running ok as well. I just can't get engine connected to my samba4. Watching postgresql log file, whenever I use engine-manage-domains or engine-config, the following messages are appended: LOG: connection received: host=localhost port=33331 LOG: connection authorized: user=engine database=engine LOG: unexpected EOF on client connection But engine-config works fine. I'm using CentOS 6.3 and using yum there are not update for postgresql or jdbc to update. The same with ovirt-engine. I'm really not understanding why it doesn't works. On 04/07/2013 05:57 AM, Roy Golan wrote:
On 04/04/2013 09:45 PM, Eduardo Ramos wrote:
Hi all!
I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is ActiveDirectory complaint. But when I use engine-manage-domains, it returns me a strange message:
[root@ovirt-dir eduardo]# engine-manage-domains -action=add -domain=gsr.inpe.br -provider=activeDirectory -user=Administrator -interactive Enter password:
Error: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic domain is: getconnection: driver class name=org.postgresql.xa.pgxadatasourcegetconnection: url=jdbc:postgresql://localhost:5432/enginegetconnection: considering encrypted passord.
it looks like engine-config have problems opening a db connection. The DNS reported error is a bug and is shown due to the connection error.
you should get that same error if you'll use $ engine.config -a
you have some problem connecting to the localhost postgres instance using the password entered during setup probably.
is your postgresql instance up the engine is able to connect to the db? engine-config is getting the password from the same source where the engine does.
also, a PTR record is no longer needed since openjdk 7 due to a change in the impl of the krb5 module.
secdomain=encryptdbpasswordexecute: beginning execution of action action_get.fetching key=domainname ver=general Failure while applying Kerberos configuration. Details: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.
Using host command, I got the following results:
[root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br ovirt-dir.gsr.inpe.br has address 150.163.80.125
[root@ovirt-dir eduardo]# host 150.163.80.125 125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br.
[root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br _kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br.
[root@ovirt-dir eduardo]# host samba4.gsr.inpe.br samba4.gsr.inpe.br has address 150.163.73.109
[root@ovirt-dir eduardo]# host 150.163.73.109 109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br.
As you can see, it is everything ok. No DNS problem.
Someone have any idea?
Thanks.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--------------040405030001090902060004 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> Hi Roy!<br> <br> In fact "engine-config -a" works fine. It shows me the db config content. By the way, that engine is running ok as well. I just can't get engine connected to my samba4.<br> <br> Watching postgresql log file, whenever I use engine-manage-domains or engine-config, the following messages are appended:<br> <br> <small>LOG: connection received: host=localhost port=33331<br> LOG: connection authorized: user=engine database=engine<br> LOG: unexpected EOF on client connection</small><br> <br> But engine-config works fine. I'm using CentOS 6.3 and using yum there are not update for postgresql or jdbc to update. The same with ovirt-engine.<br> <br> I'm really not understanding why it doesn't works.<br> <br> <br> <div class="moz-cite-prefix">On 04/07/2013 05:57 AM, Roy Golan wrote:<br> </div> <blockquote cite="mid:516134F2.90404@redhat.com" type="cite"> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> <div class="moz-cite-prefix">On 04/04/2013 09:45 PM, Eduardo Ramos wrote:<br> </div> <blockquote cite="mid:515DCA50.1050003@freedominterface.org" type="cite"> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> Hi all!<br> <br> I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is ActiveDirectory complaint. But when I use engine-manage-domains, it returns me a strange message:<br> <br> <small>[root@ovirt-dir eduardo]# engine-manage-domains -action=add -domain=gsr.inpe.br -provider=activeDirectory -user=Administrator -interactive<br> Enter password:<br> <br> Error: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic domain is: getconnection: driver class name=org.postgresql.xa.pgxadatasourcegetconnection: url=jdbc:postgresql://localhost:5432/enginegetconnection: considering encrypted passord. </small></blockquote> <br> <br> it looks like engine-config have problems opening a db connection. The DNS reported error is a bug and is shown due to the connection error. <br> <br> you should get that same error if you'll use<br> $ engine.config -a<br> <br> you have some problem connecting to the localhost postgres instance using the password entered during setup probably.<br> <br> is your postgresql instance up the engine is able to connect to the db? engine-config is getting the password from the same source where the engine does.<br> <br> also, a PTR record is no longer needed since openjdk 7 due to a change in the impl of the krb5 module.<br> <br> <br> <blockquote cite="mid:515DCA50.1050003@freedominterface.org" type="cite"><small>secdomain=encryptdbpasswordexecute: beginning execution of action action_get.fetching key=domainname ver=general<br> Failure while applying Kerberos configuration. Details: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.<br> <br> <big><big><small>Using host command, I got the following results:<br> <small><br> [root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br<br> ovirt-dir.gsr.inpe.br has address 150.163.80.125<br> <br> [root@ovirt-dir eduardo]# host 150.163.80.125<br> 125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br.<br> <br> [root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br<br> _kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br.<br> <br> [root@ovirt-dir eduardo]# host samba4.gsr.inpe.br<br> samba4.gsr.inpe.br has address 150.163.73.109<br> <br> [root@ovirt-dir eduardo]# host 150.163.73.109<br> 109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br.<br> <br> <big>As you can see, it is everything ok. No DNS problem.<br> <br> Someone have any idea?<br> <br> Thanks.<br> </big></small></small></big></big></small> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Users mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> <br> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> <br> </body> </html> --------------040405030001090902060004--
Hello everybody, Has Someone succefully connected ovirt engine to Samba4 to be able to authenticate user from this kind of server?, Eduardo, have you succeed in your attemp to connect engine to Samba4?, I would like to do the same and engine can authenticate other users. I would like to do this without Windows Active Directory. Many thanks in avanced, Juanjo. On Tue, Apr 9, 2013 at 2:12 PM, Eduardo Ramos <eduardo@freedominterface.org>wrote:
Hi Roy!
In fact "engine-config -a" works fine. It shows me the db config content. By the way, that engine is running ok as well. I just can't get engine connected to my samba4.
Watching postgresql log file, whenever I use engine-manage-domains or engine-config, the following messages are appended:
LOG: connection received: host=localhost port=33331 LOG: connection authorized: user=engine database=engine LOG: unexpected EOF on client connection
But engine-config works fine. I'm using CentOS 6.3 and using yum there are not update for postgresql or jdbc to update. The same with ovirt-engine.
I'm really not understanding why it doesn't works.
On 04/07/2013 05:57 AM, Roy Golan wrote:
On 04/04/2013 09:45 PM, Eduardo Ramos wrote:
Hi all!
I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is ActiveDirectory complaint. But when I use engine-manage-domains, it returns me a strange message:
[root@ovirt-dir eduardo]# engine-manage-domains -action=add -domain= gsr.inpe.br -provider=activeDirectory -user=Administrator -interactive Enter password:
Error: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic domain is: getconnection: driver class name=org.postgresql.xa.pgxadatasourcegetconnection: url=jdbc:postgresql://localhost:5432/enginegetconnection: considering encrypted passord.
it looks like engine-config have problems opening a db connection. The DNS reported error is a bug and is shown due to the connection error.
you should get that same error if you'll use $ engine.config -a
you have some problem connecting to the localhost postgres instance using the password entered during setup probably.
is your postgresql instance up the engine is able to connect to the db? engine-config is getting the password from the same source where the engine does.
also, a PTR record is no longer needed since openjdk 7 due to a change in the impl of the krb5 module.
secdomain=encryptdbpasswordexecute: beginning execution of action action_get.fetching key=domainname ver=general Failure while applying Kerberos configuration. Details: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.
Using host command, I got the following results:
[root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br ovirt-dir.gsr.inpe.br has address 150.163.80.125
[root@ovirt-dir eduardo]# host 150.163.80.125 125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br.
[root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br _kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br.
[root@ovirt-dir eduardo]# host samba4.gsr.inpe.br samba4.gsr.inpe.br has address 150.163.73.109
[root@ovirt-dir eduardo]# host 150.163.73.109 109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br.
As you can see, it is everything ok. No DNS problem.
Someone have any idea?
Thanks.
_______________________________________________ Users mailing listUsers@ovirt.orghttp://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing listUsers@ovirt.orghttp://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Hi Roy!
In fact "engine-config -a" works fine. It shows me the db config content. By the way, that engine is running ok as well. I just can't get engine connected to my samba4.
Watching postgresql log file, whenever I use engine-manage-domains or engine-config, the following messages are appended:
LOG: connection received: host=localhost port=33331 LOG: connection authorized: user=engine database=engine LOG: unexpected EOF on client connection
This is a multi-part message in MIME format. --------------030706080205060303080104 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit On 04/09/2013 03:12 PM, Eduardo Ramos wrote: please attach the engine-managed-domains log. just throwing a bone here, could you try another user or just a different password and see if it fails different? say 123? and BTW Rene has got samba4 working for him.
But engine-config works fine. I'm using CentOS 6.3 and using yum there are not update for postgresql or jdbc to update. The same with ovirt-engine.
I'm really not understanding why it doesn't works.
On 04/07/2013 05:57 AM, Roy Golan wrote:
On 04/04/2013 09:45 PM, Eduardo Ramos wrote:
Hi all!
I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is ActiveDirectory complaint. But when I use engine-manage-domains, it returns me a strange message:
[root@ovirt-dir eduardo]# engine-manage-domains -action=add -domain=gsr.inpe.br -provider=activeDirectory -user=Administrator -interactive Enter password:
Error: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic domain is: getconnection: driver class name=org.postgresql.xa.pgxadatasourcegetconnection: url=jdbc:postgresql://localhost:5432/enginegetconnection: considering encrypted passord.
it looks like engine-config have problems opening a db connection. The DNS reported error is a bug and is shown due to the connection error.
you should get that same error if you'll use $ engine.config -a
you have some problem connecting to the localhost postgres instance using the password entered during setup probably.
is your postgresql instance up the engine is able to connect to the db? engine-config is getting the password from the same source where the engine does.
also, a PTR record is no longer needed since openjdk 7 due to a change in the impl of the krb5 module.
secdomain=encryptdbpasswordexecute: beginning execution of action action_get.fetching key=domainname ver=general Failure while applying Kerberos configuration. Details: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.
Using host command, I got the following results:
[root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br ovirt-dir.gsr.inpe.br has address 150.163.80.125
[root@ovirt-dir eduardo]# host 150.163.80.125 125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br.
[root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br _kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br.
[root@ovirt-dir eduardo]# host samba4.gsr.inpe.br samba4.gsr.inpe.br has address 150.163.73.109
[root@ovirt-dir eduardo]# host 150.163.73.109 109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br.
As you can see, it is everything ok. No DNS problem.
Someone have any idea?
Thanks.
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--------------030706080205060303080104 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <div class="moz-cite-prefix">On 04/09/2013 03:12 PM, Eduardo Ramos wrote:<br> </div> <blockquote cite="mid:516405C9.9080701@freedominterface.org" type="cite"> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> Hi Roy!<br> <br> In fact "engine-config -a" works fine. It shows me the db config content. By the way, that engine is running ok as well. I just can't get engine connected to my samba4.<br> <br> Watching postgresql log file, whenever I use engine-manage-domains or engine-config, the following messages are appended:<br> <br> <small>LOG: connection received: host=localhost port=33331<br> LOG: connection authorized: user=engine database=engine<br> LOG: unexpected EOF on client connection</small><br> </blockquote> please attach the engine-managed-domains log. <br> <br> just throwing a bone here, could you try another user or just a different password and see if it fails different? say 123? <br> <br> and BTW Rene has got samba4 working for him.<br> <blockquote cite="mid:516405C9.9080701@freedominterface.org" type="cite"> <br> But engine-config works fine. I'm using CentOS 6.3 and using yum there are not update for postgresql or jdbc to update. The same with ovirt-engine.<br> <br> I'm really not understanding why it doesn't works.<br> <br> <br> <div class="moz-cite-prefix">On 04/07/2013 05:57 AM, Roy Golan wrote:<br> </div> <blockquote cite="mid:516134F2.90404@redhat.com" type="cite"> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> <div class="moz-cite-prefix">On 04/04/2013 09:45 PM, Eduardo Ramos wrote:<br> </div> <blockquote cite="mid:515DCA50.1050003@freedominterface.org" type="cite"> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1"> Hi all!<br> <br> I'm trying to connect my ovirt-engine in a samba4 server. Samba4 is ActiveDirectory complaint. But when I use engine-manage-domains, it returns me a strange message:<br> <br> <small>[root@ovirt-dir eduardo]# engine-manage-domains -action=add -domain=gsr.inpe.br -provider=activeDirectory -user=Administrator -interactive<br> Enter password:<br> <br> Error: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.. Problematic domain is: getconnection: driver class name=org.postgresql.xa.pgxadatasourcegetconnection: url=jdbc:postgresql://localhost:5432/enginegetconnection: considering encrypted passord. </small></blockquote> <br> <br> it looks like engine-config have problems opening a db connection. The DNS reported error is a bug and is shown due to the connection error. <br> <br> you should get that same error if you'll use<br> $ engine.config -a<br> <br> you have some problem connecting to the localhost postgres instance using the password entered during setup probably.<br> <br> is your postgresql instance up the engine is able to connect to the db? engine-config is getting the password from the same source where the engine does.<br> <br> also, a PTR record is no longer needed since openjdk 7 due to a change in the impl of the krb5 module.<br> <br> <br> <blockquote cite="mid:515DCA50.1050003@freedominterface.org" type="cite"><small>secdomain=encryptdbpasswordexecute: beginning execution of action action_get.fetching key=domainname ver=general<br> Failure while applying Kerberos configuration. Details: Authentication Failed. Error in DNS configuration. Please verify the oVirt Engine host has a valid reverse DNS (PTR) record.<br> <br> <big><big><small>Using host command, I got the following results:<br> <small><br> [root@ovirt-dir eduardo]# host ovirt-dir.gsr.inpe.br<br> ovirt-dir.gsr.inpe.br has address 150.163.80.125<br> <br> [root@ovirt-dir eduardo]# host 150.163.80.125<br> 125.80.163.150.in-addr.arpa domain name pointer ovirt-dir.gsr.inpe.br.<br> <br> [root@ovirt-dir eduardo]# host -t srv _kerberos._tcp.gsr.inpe.br<br> _kerberos._tcp.gsr.inpe.br has SRV record 1 0 88 samba4.gsr.inpe.br.<br> <br> [root@ovirt-dir eduardo]# host samba4.gsr.inpe.br<br> samba4.gsr.inpe.br has address 150.163.73.109<br> <br> [root@ovirt-dir eduardo]# host 150.163.73.109<br> 109.73.163.150.in-addr.arpa domain name pointer samba4.gsr.inpe.br.<br> <br> <big>As you can see, it is everything ok. No DNS problem.<br> <br> Someone have any idea?<br> <br> Thanks.<br> </big></small></small></big></big></small> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Users mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> <br> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Users mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> <br> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> </pre> </blockquote> <br> </body> </html> --------------030706080205060303080104--
participants (6)
-
Chris Noffsinger -
Eduardo Ramos -
Gianluca Cecchi -
Juan Jose -
René Koch (ovido) -
Roy Golan