LDAP-based domain not working after upgrade?
Hi, We're running oVirt 4.0.1.1, and we're trying to grant a permission to a user on a VM. Thing is when we open the 'Permissions' subtab on that VM, we click on Add, the LDAP backend shows up but any value entered into the search box returns nothing, even when I know the values exist. This has been working on oVirt 3.x, we actually migrated to 4.x last week and didn't notice this issue. Additionally, there's no combobox to choose the permission to grant? All this is done with the admin@internal user, so I guess this is not a self-permission issue. Interesting thing is that I can successfully log-in to the user portal with a LDAP based user and manage all the VMs assigned to them. Just to see if there's been any configuration change, we also run the ovirt-engine-extension-aaa-ldap-setup tool, the configuration it returns is pretty similar to ours, and even the test commands (Login, Search) work successfully (I can see search returning user's data like name, surname, ...). We even applied this configuration to engine to see if it makes a difference but the result is the same, the search dialog returns nothing and neither I can see the permission to grant. Any hint about this? Thanks
On 08/10/2016 09:37 AM, Nicolás wrote:
Hi,
We're running oVirt 4.0.1.1, and we're trying to grant a permission to a user on a VM. Thing is when we open the 'Permissions' subtab on that VM, we click on Add, the LDAP backend shows up but any value entered into the search box returns nothing, even when I know the values exist.
This has been working on oVirt 3.x, we actually migrated to 4.x last week and didn't notice this issue.
Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
All this is done with the admin@internal user, so I guess this is not a self-permission issue.
Interesting thing is that I can successfully log-in to the user portal with a LDAP based user and manage all the VMs assigned to them.
Just to see if there's been any configuration change, we also run the ovirt-engine-extension-aaa-ldap-setup tool, the configuration it returns is pretty similar to ours, and even the test commands (Login, Search) work successfully (I can see search returning user's data like name, surname, ...). We even applied this configuration to engine to see if it makes a difference but the result is the same, the search dialog returns nothing and neither I can see the permission to grant.
Any hint about this?
Maybe you hit similar issue to this one[1]. Can you please share engine.log, while you hit search button? [1] https://bugzilla.redhat.com/show_bug.cgi?id=1356675
Thanks _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--=_3bd4807380444da89f7b6ed947d4d506 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8; format=flowed El 2016-08-10 08:58, Ondra Machacek escribió:
On 08/10/2016 09:37 AM, Nicolás wrote:
Hi,
We're running oVirt 4.0.1.1, and we're trying to grant a permission to a user on a VM. Thing is when we open the 'Permissions' subtab on that VM, we click on Add, the LDAP backend shows up but any value entered into the search box returns nothing, even when I know the values exist.
This has been working on oVirt 3.x, we actually migrated to 4.x last week and didn't notice this issue.
Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
All this is done with the admin@internal user, so I guess this is not a self-permission issue.
Interesting thing is that I can successfully log-in to the user portal with a LDAP based user and manage all the VMs assigned to them.
Just to see if there's been any configuration change, we also run the ovirt-engine-extension-aaa-ldap-setup tool, the configuration it returns is pretty similar to ours, and even the test commands (Login, Search) work successfully (I can see search returning user's data like name, surname, ...). We even applied this configuration to engine to see if it makes a difference but the result is the same, the search dialog returns nothing and neither I can see the permission to grant.
Any hint about this?
Maybe you hit similar issue to this one[1].
Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm afraid there's no entry about that. Thanks.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1356675
Thanks _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--=_3bd4807380444da89f7b6ed947d4d506 Content-Transfer-Encoding: base64 Content-Type: image/png; name="Captura de pantalla de 2016-08-10 09-02-19.png" Content-Disposition: attachment; filename="Captura de pantalla de 2016-08-10 09-02-19.png"; size=12734
iVBORw0KGgoAAAANSUhEUgAAA4UAAAH2CAIAAABIm76xAAAABmJLR0QA/wD/AP+gvaeTAAAACXBI WXMAAAsTAAALEwEAmpwYAAAAB3RJTUUH4AgKCAc1krwZ2wAAIABJREFUeNrt3T1649q2HuoxWbUD +3G03QUg2oHvjU4bwBxM3AagMWAbTkLkQhvswDc7CdAGN+A6gIMJgCClqqWqJZZUqvf18j4sEsSf CPHTmD9IVVXHtzVNXZV1FAEAAD9mimHsz+d+e6IooizrYeiLIqqqzi99/V4S/W5UBQCA7ymiKuqq qodhSaXTFNPU3y31Qh4tiui6y326nfphiHHsp8mpBQDgGxG0iLKsqyqK4lrZrKq6quq2Pb2YJL9+ P4xOU7TtyZkFAOA1cgV0GCKij4iuuxRrz8+uu2yRdJ9LD3er2IfR87kXRgEA+Glte9r3H71GzSm2 WumXsvzXtkTT1Ns/2/b0P//nfziJAAD8HdP0H//jf/TbwKR//jPWkPkf//t/R9zVR7flzmf9RAEA eKtIGluVdAucW9q85tFm99ow9E4cAABvZRiu5c7mdhKn63imcn1Bn1EAAL4jD1Eqy2usHMdlOqfv aNvT09NliZ1Dn9dTlfXhbr2vV1X109Pl6enynTfmZZrmhXlMm6Z+ero8n+I0r3P7r+suD5oGNa// J974rT3/6R/nD60qb31/Sp8/AwDwsCi6zOiUM+gw9MPQ5zBalnVRxGvuo7RPj9Pz8fXPZyj9yxU9 Ii9O65CrooimqYvH3CDqJ/vIvl3P2qqq95MgAAB88DBalXWsje9blMqPc4fP79/a8y5q5jXc59Fh ePXerDH0EXm07U5tezoelxmqHrGJ4/H0cz0TzkN/PJ50sQUA/rw4+hd3R5qmGMf+O6W2F6Pm/Xz4 udz6l3I0nqY+os4tzls+K4po20tRxDTFeBva8tT8RRHT1I/jqw57HPqiqcty+WdT1VWTNx25Phzr PKvD0OfdmKZomnoY+lw0zktuzeLn8/Ku3Fh/PJ72O5bz/nnocxH0etPU3d1X85Pberbjze/d+uo+ PV3yjySvYbtN1v5s5Eb2qqrLss7h+Lon07onP+jFfX7lqbvbQwCAaxhdbz2/RYt9UNn+OU05dL0c W8exj7ivMz5vr3/VDlXVknBzfs3/zLYwGtFXu06NW8t7TrGvKnkWyyirHF6rqq6aesuXd+34VVVP 07Uxvarq3KchL7mdvuet/3mBWCvPVVXnMV9NVVdVPU39MPTTmhSf/2BypMubrqq6bS8v/tiev337 8yLH1i2hLmsromrqH+0V+q19/qFTBwDwoq1w2VR1FNdh8nf//E5981X3C31lOs43JB3Hfhyjquqi qIuin6b80vUuo01z36y/FuH67/eb7NpL7LqobpEuIrruNEXkImiuU+ZltoJlXmya+vP5WhbtutM0 RVlGUdRlWe/7LqxDw/pcj6zKejmJRT6hSzWx3J6/yeW7gyqiay931eK83by3d8eb02HT1OOu8hoR +T5aOeluFd9X/2xe3udXnjoAgG/ZZ6Hz0N9k0CJiin259C5ufccw9F9/bm9iN+Qoh6e81W2w1bci 8PbMOPY51H4r8u5D2za2KW7vaLq14z9P4rmkuu9mm598HoJz3bgo6q5bwuX+vdVScYxx7IdnfQy2 PBoRMS0HdTNk7NVRMr9rf1b3J/aVK/nWPv/QqQMA+E7S2EfSsoqIGIebMJqLgK/UNPXP5NEcwooi 9vMl7YuCf9+xPX2r+fjNp0fN1dzciTNXN3Nvzjx5QVXVVVlvJeH7HpbTqyY1eNDn4H5PljD9zX02 sywA8AEdfvQNuUU+1gLefmKmooht9qlt4bvAtD2zn0D1R6PYNEVZ1jk4/v1TsFUT23YZcZ+PJT8/ DP1xff755qa4toZHca0c/3TQ3E7v9uDF4uU2+mrrkDDtjuX5Pj/o1AEAf5R9tMvt9eMQ4xD7zqPx 47Pa/3B9dOud2bbXnJQ7g+YuiWvfxzp3Ld2WGca+WocxlWX8xKSbubdl113yePB4u4LfVvHdQts0 RVUttdJxvO+HsDvwvuuWeFdERPEzd1utqroso2374dxXTd11l3wO4/bOWttJyGF03/i+bXSr797t 8+NOHQDwh9gHoRxGtz6jW1/SrdX+h3oD/nB9tFwmQb0PSbFOApVH8ORhQ/vW7VyAXKcA+JnG/WWW omkZD56z79+XRyPlHcvFxa47xTrKp8jFyJcmbNofVL4bwTD0bfcDOW+4zuBVR8R53ZNlvqfzyxMw dd3N7KfbDn9nnx906gCAP8rWvponx9zS590/f7QZNm0lzP18nAAAcGfrtPl3lrnLnE1TH5xZAABe Y9puUv/tMFqW9Y+2wsqjAAC8NpAO69Tm29jr2I0Fj4hh7H/oJjs/Of8oAAB/bCSdIiKWKZW2eUbH sf/+re2/papqeRQAgB8Mpcvte95m7nnt9QAAvCd5FAAAeRQAgD9S2/byKAAA7+l+PFOeoRQAAH4N 9VEAAN5N170035M7mwMA8Agv3tvp6+sXBQCAn/atoqf2egAA3o3x9QAAvDN5FACA9/TA+9dPU4zj 9a6mZVn/Rt1Sf+udd4zODAD8Ll4eX/9G3+h9/iLfPddPUxRF/TvEkd945x2jMwMAv5eHtNfnb/Si qIsidv/V20t3UkrDcPN8Wd4/84vjyOt3Pjuf+7JM2fF4eq+df/Qxpmc++JE+9My07SmldD73z8/S 60/L7/XJAYBHePv66DTFOEZZ1rnRMw/sL4pccKpzM+iHbf3c7/wz39z54/E0jn3XXXJRbRj64/H0 9HSpqvrTHGNWFPUwXG6f+Uxh9GfOTNedmmbe//P1W/y9PjkA8CBvXx8dx74slwfD0I9jvz2IiLK8 6Zn3iojQl+UppVSW10LUNPXH4/JkridNU5Rlyk/+nQrTtvMvenHnh3M/DP04zFW1FNWapu66yxY4 2vaU9y0Hju1wtj1PKe02sTxflqltT8fjKT94xA/o9ce4f/W2cBixVPhO+4yVf1LDsFT+jsdTTnj7 H1M+Lc/ftdUL797VtqeyvD0bUxyPp1TefDZ+8ZmpqnqarrOpTVMfsXQ2Hc79iwf4Vp+cuG1YaNtT PjMvfnJevI4A4CMYhkfN95TbN++S5fWl16uqvm3reZ6H4dK2S0Apq1NV1fM8d91ln1qKIsZx/tu1 pfqHXjoPfdPUcVs2a5p6241h6Idh7rrLNMXxeOra655/PzpPUzw9XcZxnqZ46wxR/9RLL2uaepr6 7acwDH3T1LnU13WXeZ6rqq6qtB1U/jG17WWaro3gw9BXVT0MfdudhmF5V7l7V1nW43gZhvl8XrZ1 bE8RMY/zMMxdd3qjU/TDZ6Zp6q0m2nV92y6LVU39/ADf65Pz4nUEAB9BVdUffb6nsszfyn1R1PM8 F0Wcz30R0TR1PoB9Gmjby69vPs4tvFsO2DpW5rJW3slc/cqJpNrt+fdTRT7Gu8Tz7n/B7DuPbvW/ HCX3qSuHrfw4H8iuknfJJ6Sq6q5baqL5LJ3PfVPVub9m09TF7l1NVUcsRdncD2QY+qfukp/s2st7 9bzcjj0fY7MLnc8P8L0+Oc+vIwD4OB6UR1/oabf+81WhYSvfPHWXolgGjuwaH69f3udzP91v4g12 /vUv7Ztxc+VvHOeuu4zjtkC95o+7MVv198tU+yHeb13Q6n/qpSiKOh9g/m8Y5rvc03WnJQxNN+Of 9o3a249py1Vbit1HtPtTdB/m+ohI20ig9vRD/UDe8MzkPZ+mfhj6srypdz4/wPf65Lx4HQHAp82j ZVnnL9SyrKuqLst6e/A8cGxfxjffr1PEFLkn3zD2XXcZx3kcL8PQr42P9bwax/mpu7z5zr/oxZ2v qnprQY649qr8fkpYQsazJffn4ZpCprccNvQTx7iPUM/7j+aTMEUMQz9NsQWvprn5MW1Fu/2pm5ZW 6T6/etdH87s9WeuImHe2cPzrz0yug57Xo/jOAb7xJ6d47SfnxesIAD5tHs3ff+vopbqq9mH05RHK bXtpu1NOM8PQH9vTNslO2279Apfm2qaqty/UaYqqesvxGfudfxZHXt753CqddyP3Fzyf+7Y9ldUL qWUY+mEd67O2TUdEbEN59sufz31MMU3Rdqe2vbzjMe4zWa50bv9dz0NVt+1p31J8Pve592Qe2PRi SS+/ax9hz8Pyrnw+m2/0Bs7N/Vup73g8tX+7S8NPn5m2vQxDP75UBL07wDf85EREVV7rr/sW/Oef nOfXEQB85jwaawvmOPa7Js5lfP23vpi79rKMJm7zaOKl1jUMl67rU0pllXK0jSJyjSelVFWpbS/P K0+/cucj4unp0raXruvLMpXlaRj6p6fL86ptUcTT06Xt+txm+tQt0/p03aXrTimlcbwJNEURZbUc +LsfYzZN+Riv/20Zum3rfXG0quqn7lJVSwPx09PLXXvz+PTt6Kqq7trlXcPQj+Mlvp2c8kCf3GQf RbxJmfznzkw+tPKlBe4O8G0/OU1TD0PkXiv7TTz/5LxwHQHAh5G2b6anp8uaOd6mfOJ+oX9HWaau e+w8lB/hB5Tncprn+bP+9H/9Af6CTw4A/PTX4vaVuo3fbZr6gfev39rcf0e/9c7/Lsc4TbvxT5/x zHzYAwSAD+WrU8B7KctUFPU4XBwgAMijfDjjOH/6Y/xozfSf4wD/hE8OAJ/MwSkAAEAeBQBAHgUA AHkUAAB5FAAA5FEAAORRAACQRwEAkEcBAEAeBQBAHgUAAHkUAAB5FAAA5FEAAORRAAD4KV8fsdJp iq47TdPyz6apq6p+801U1WkcL36EAADy6L22PRVFdN0lIsaxP5/7iHjzSAoAgDz6snGMrrsURURE UdzE0GFY4mlRRNsuy2xP5tjaNHVEHI+nqqqHoc/PnM/9MCxvzEk3IoZzfx76/bvO534c+20BAAA+ uIf0H62qaNvTMPS5yb6qlvb6aerP577r6qenS1XVbXuKiGmK87nvusvT06XrLtu7IiIny6ZawuhT d3l6uuTQmReYIp6eLl1Xd911W20rjAIA/Nl5tOsuTVMPQ9+2p+PxtMXHruurqs4V05xQh6HP9c5c KN1i6Jpr66KIKGIY+qapo4iI6NrL1vSfa6JFUZfl8q6iiP2qAAD44L4+aL27mmh03altlzb0YVia 3fe2J++iZFnuH6/t/kUUEVsNFQAAefQ+XJ7PfW5Yj6WfaN22991Dc1QtiiWMPnWXXP48Hk8vrnYc +1xYnaYYx/4aTwEA+J29fXt9Lou27Wma+mmKYejbrs+Fzzw+KZc2c2v+tcyZBzad+3F8eZ3nYWv0 P32nODpNMU29nysAwO/iIe31XXfJbfTj2JfltSa6RdW8WNPURRFFUQ9Dn8uiVVVX1Qtt8U1Txzm2 ZZqm/lYkHYY8vl71FADg95C2sUFbC3tuRgcAgDe0D5lbF82mqd0vFACA9ySPAgAgjwIAII8CAIA8 CgCAPAoAAPIoAADyKAAAyKMAAMijAADwCG9///rzuXdaAQA+paapf4M8+uKOppQesaF5nn0sAAB+ jQeVHbXXAwDwnuRRAADkUQAA5FEAAJBHAQD4s3z9HIfx3/7b/3M4pC+HQzocDodDOqQvhy/pcPiS H6dDOmwvLlJ+6svhsCxwOBwO//7v/+4zAQDwK32S+mhK835CqRQpIlLMEZEi5hSR5vzC7i0xp8gv znlCquTzAAAgj/64YehjTpGnOE1rFt3FzxQp5sjhM6VrXk3Lo5RSxPyTU6ROUxyPp4iYpr4s0yuW 79v25JMHAPB58mjbnq7Jc75WPNfXc/ZM8z53zpHSHLc11Z8rkI5jP44/sHxR1FPO0AAAH8bxeEo7 udwmj77K+dxXVb1lyrTkzbREzF0zfA6o81IUTWsj/7rkM8PQl+WpLE9lmfLdCIbhWgHdHrftaZr6 7Wd2bE9lmcoy5cTZtqdtJSktTzZV7a6qAMCHcnd/zUfcF/TT5tGuO615NCfNNOdIOq/N9LeBc588 l2ya0rLwrbbth+EyjpdhmL/Twt51l6Kon54uETFN0VT1OM5te8mJs+su43gZx0tZ1k1T512tqnoY +mnyyQcAPoqqqrca3/6xPPrXpinKss6dQ2MZwLR2Do1Iac7JdBnZtIXOLaTO8zzPKcUc812ZdBwv 49ifzz/Q3bMoYk2cMY79LtqecjbdLVnvFwAAeHdbTfRXFkfj84yvXxPmTd7MD+ZcA01pTinNcZs6 U0opctfSpZtpSik3xOc296JYc+TPljPP536aIhdQAQA+rFwW/cXF0fgE848WRa5EpjmllOY5Duuo pTWjHnK/0ZjTHHGISHOkw21kXUbjp3me5/xc7uiZk+g29qgs62mKmCKKuwFJ/XfCaNedxmG+e36a +rKUUAGAj+UXV0az374+2raXHA3TOn4pxbXnaFpmH404xFoBvY5zWruWpuvw/N3fB2VZl2U6Hk+5 SjqMfVFE09RllcryVJbXDhYR8a2ZnnJLfVmlPMhpGxdVVXVR+MwDAB/Lry+Oxm9dH/3y5UtO8WV5 +i//5f/dAuXSJJ/7hM4pHZbHN31H50hzLpfGnGKpnN56sYV93we0aZaq5zjePyiKOj/eCq5753P/ Ln98AAB8QL9xffQf//jHLiOut19K2yHlfqNzmiPN89o/NCLXRg+Rb9mUG/nX+zT9ihs0TVO/DXsC AOB3zaNfv37d8mhV1cvdmebI4+QjRUr50NLaOj/PsUyTP68zQ6Wt32hOrmn+BXteFPW+yAoA8If7 LdvrU0r/+Mc/tjwaEf/r//tffpYAAPLoN73YjRIAAA5OAQAA8igAAPIoAAD8cg/pP5pnfQcAgHfI o2Z6BwDg9bTXAwAgjwIAII8CAIA8CgCAPAoAAPIoAADyKAAAyKMAAMijAAAgjwIAII8CAIA8CgCA PAoAAPIoAADyKAAAyKMAAMijAAAgjwIAII8CAIA8CgDAH5hHy/J0Pvf7Z47H0zD0TjcAAL8ij0ZE 1/UCKAAAf+nrg9bbtvX53FdV/dJLp2naYuulKKJtT2VZj2M/TVEUUVX1MCyPu+6Slzyfl4BbVXXT 1Her2p48Hk9VtazqxSW3jUbEMPS5jlsU0bbLk8/XeT7349hvewIAwBt6VH20quocNJ+H0Yh4ero8 PV2qqu66ZYFh6Lvu8vR0maY4n6+PcwbNYTQ/OY59XkmOknlVw3Atx+bsmJfMy7y40Wnqtw2VZd12 p/2SXXddZ1XVbSuMAgD8Vnk0Irr2Gij3T+ZCY65BbjXLrZKa66Pb47zAMPRNU6/1y8swLO/a1p+D 5t2qcp31WxsdhiU0R0TT1OveLhXZooimWd5eFJEXAwDgzX194LqLaJr6fO7L8tpqP0V0uUG8iNdn vHGM87nfxkiVZUxTbI3pbdtX1bXBfdtcWX5vo+N4s2NFEdPUR8TxePKxAAD4FHl0rVBujfIR0ban qqq7ro5d982/VJbRNPVW+MxdS6cpmqpumnqaoutOXXfKpc1x7Iuizin2Oxvdh9Gca6uqjuifnnZN 85NPCADAYz18/tGuu0zTNRpGLG3fuZ/o63PteehzOjyfl/6jw9DnTp93ZdHcyJ7X3+ya/u82WlWR R03FOmKpKKKqrgu07aldepoupVMAAN7c11+wjaap27bfHueW92JtzX/lGuIcx3ZJn7kOmlebm9fz 2vLCZVnnJ6uqrpr6WxstirpplgFMeXx9RHTtpe1Ox2O/39Aw5PH1tY8LAMCbS1sj+NZOnVvDf1PH 46nr6txeDwDAx7EPmduInaap3S8UAID3JI8CAPCevn6y47kZHQ8AwIenPgoAgDwKAIA8CgAA8igA APIoAADIowAAyKMAAPBYbz//6CtvSQ8AwG+nad7+ruxfH7SjKaXDIR3Sl/QlHQ5fDof0JR3Sly9f lhcOh8Phy+FwOKSUvhwO6cuXQ0qHvOghHQ55uS+HL+mQDl/Wd6R0yAt+OeS35bXkF5f35cV2zxzW HckrO3xZXs9LLw93a7m+7bC+dfdaWjb6ZT24dPOudEhfDl9SOtysLx9n3vcvh0P6cv9qfvluH9KX /NSyjZuzkLf2Zdn9/W7k5b8cvhy+pJS+/Of//J9cOQDAm3hQ2fFh7fUpIlL+f2me8//dXjvk1yNi eTbFvL5hfW9KEZHmFCnN1yfn/K45RZpTSssSy5PLYtftpMO6MylSzJHmiHndzLLBFCmlNO92b13D nJeNSOm62u1h2lazvvN6BCnmlPbvim0jebfTfjcj5kgpxby+IeWfzHrcaTn0tGwovzmtOxlz7Hd+ OdUpYk4pZlcOAPDBPbD/aLrLnGuQjJjnm6SWA9acU1S65sE1bkaKmyi2LLcGv3VF6ZC2DJlDZtzE sTnt82ra58+ItETItIS9JREuWXlJoekaZK8HOadrxL1NtHPMOUCnfczNr9zE3zhETo9pTmleQuQ+ Iaec6ec5bjJuXialNM9zXA/qNh8DAPyheXRf79yFtLSmuv3/XsPaHPO1+Jfi9n9yGI15X15MKW8r bVXU63bna2VzfcMhRZoj0hxzLkruYmmab5PreghLhExzxJyrsdcIHNfiZd5Y2ifPNdvuw+L15bvM eHOg+4Qet0l83qJq2n56S5JO87wE6+1EqI8CAH9qHs2RaE7z1gS9b1KeU86DMe9bztfK5xrK5pt0 lx/My1vvnk5rKH2eYuOuXT234aetH8C6YykOW0+BXQF3Ttd2+jlFmmNey69ba/gSHvPhptvAuR5W rm6m2+4EKb8tdvuxHXPewTRvXQT2L0Q+4vnm/OSNX3f4edUWAODPyaM33TO3Ymi61gKXZ9aW6xwp d+lqzgFv6wi51k+3lS0VyV19dZ73BdfbYuQckeYcZOddBL2Nz2nrMHpYUnTaGtzTcrL23QB2bfux 1U2vqTNd+4Pm3gD5PXOKXceANa4uvUvTrtfCugvzvl6c/29O89euC+napyGtIXreJXoAgD8uj6al 4X0zL2nw2sa9LrcEu/xijl+xFTfnNU1ur69vShFpXpvJ46bf5Fp33cXNNf2tFcm7QmWs7eC50Ln2 CVg2m3IuXoYixd0710S4VDIPy56vmXdeO6PGlotTRD4b87P65TzPc5rv+6jujmN96rD0SVgzcO6D 8KwyDADwp+bRdWDOtbn8Ogpp6wYauxC5NFDP12LkFqpSWgfurLF0eXHpt5kb0W96la6bXALcPO+H SUUe8r+176frlua13+a85eJruXLJxunZYKglZ6Y0p/lmCNUuHM63SXzt5Tk/73OatkB93/k29gdx 1zFgqa7GWnEFAPjD8+iSQ9Oc9nW7faBK17mT0vqGnMTWrqX7hbe+nLlxet6ns12L+lquPOxf2iZ1 ut/Qdfz9s5mU0jU+bvudRzRtQ5jSbrBU2rqwPjsPS3+DrfC722KKOc3XIUe7WQjiheFR1/O0xePt kNP1rM6R5pv8DQDwR+bR3XiatI4duq/a5Vz5vB/oljqXMU0pdj1OcwN4mm/S2iFdg1yK63yl1yLj HHMeHHTtxZp2/8gDmGK+n7TppgV8y53XBebYTyqVo2dKz09D7DaYrkn1sFaMt26gW1jd+h7sZqC6 ycnzvivuroU/7TojqJMCAK90PJ7SzvF4+gR59BoKb8b03Dc7rzPVX2cpummoTvPNFE67dUZsY4Su S1+7o+5H2u9yXLrpHHp9X1rm1d/2cC3I7iaZel50nK/5ebcD89ZfNW4PN9dC57UGO+/H52/jkJZh XtdDm5fhW3mq022I/n4s1XydLGB5cZ6T2fABgNe7uxHoI+4L+qvzaLpr7t7f4WgfF/cRc17m+Uy3 6XPeAuFuuvybmuFu2H4crmu8rXbuBxTlkfi3Y5PWezitNdZ0G5qvE/A/O8o1ie6zZux7u67vSrs7 T11nYL0N6Usv2rTl6uUeU+us/NsMrdsQrq1raroWdLex9gqkAMCrVFVdVfXzx79xHr3e5jKWCYpu W62vgSxu8uB2h9B5P9Pmso50N0PTLstu3Tnna3t82qbQ3+Xe3ZxN8zIfUtp11cx12nntFnAzPiqu M1Dt7zm6HuDz+e7Xzaf5OjdTXuqwP0c3YXR9X9pn5+sRb2ub49nezfvbDex2AwDgNbaa6K8sjkbE 14dvYYuE882diJaAeUjP506aIw5pvUVmupnl83of+HlOd7OIzjFHOqzFxbs5PCPNKd8AdDfx5zpx VG5GX7qhXkuPc5oPt/N6Xm8xtc6Lfzvgahkdn3bpMbb5oJbBS/Mc6TA/64m6rGu+nUzqdpqAfYi/ mfdql37na+Y34RMA8CO2suivLI4+NI/e3o0+7ep2c9pVF+c5HXaTil6LjnOkwza7+xzzIQ7rPKWH Zbh6Ouzm+dxa6tNLUx6l7SZO825T6XpD0W1U0DYp/trlNeZ5TvtZ6q/BOK039Zx3zfAR13mu5nQz 1+o29f31tve3cXQfX3cp/RpA03qXp7iZjSrdjpbaHwEAwKv94sroY/Norm4ebhu0d3dXil2iWoLa vDWmpxeCWMyRDvOc1pC6FVi3jpjzPsXFHPMh59XbWBr7GfTn2+C6xdx9+/0aPdceoGnXP3ObHOpu VH1a5xxdBibNzyqVKS37fu0Gunthm1w/3QwJuw6hv3am3eacyucnDvsGewCAH/KLK6PZA+d72u6s tBu8vmbFZWLSm+k1dzXItC8BLvdT2hX81rE+N+XFm2k8d2ltmfzztnE/bdMiXaee3+3MvBuWH9uA ot0dS+f5/oaksR3DbibUOdL+Vk1xv4vXZvp0nWd/zdZrZ4X9UP20e/56q/otgi99HF66ayoAwAd1 eOzq84RJ231Ct9A23044/9L9jtbbYMYufF4j2Tpj6O2WthvIx92Y9VhG2y+VxX1ojK1uu892a+68 9mpdMun1zqbPBw2lawTOR3i4m/1/P5no7eZ2gTrtx4LNMc/xbBKsa7/Rm76tafv/97e8BwD4A/Po zfyYu0b6a4Cat7lA57gdSX8dl3M7PP+mO2qKtJ/5fbttfO6VOsf9QKh5rdOm+XaipznfeWlO17mj 0n4Wp3kb239T/lyql/OzyUzzDeiXuznd3QG+pEhiAAARP0lEQVRqeWEfF2+GKqW7aarS7aRTN3dj uh1dH7uJ+SNv3AykAMBv4FH9R//P//n/nVwAAP7SwSkAAEAeBQBAHgUAAHkUAIA/xzQ9ZjzT+dw7 uQAAvMbb59F3uc0UAAC/Ke31AADIowAAyKMAACCPAgAgjwIAgDwKAIA8CgAA8igAAPIoAADIowAA yKMAACCPAgAgjwIAgDwKAIA8CgAA8igAAPIoAADIowAAyKMAACCPAgAgjwIAgDwKAIA8CgAAO0UR Xx+39skJBgD4HKnxkSt/SB6dZFIAgE+URqdHptK3z6PD0E9iKADA58ulRVRV/dHz6BQxTdE0tR8Y AMAncz730wOqpMYzAQDwnt4yj2qlBwD49N488h0++g4CAPCJ06j2egAA3pc8CgCAPAoAgDwKAADy KAAA8igAAMijAADIowAAII8CACCPAgCAPAoAgDwKAADyKAAA8igAAMijAADIowAAII8CACCPFk4p AMDn9YCwd/jYuwcAwCdPpNrrAQB4T1/fPC8XRZzPvTMLAPDJFMVD2sO/vvkaq6qetn9MfnAAAL97 Dr37vx8+j277OoUupQAAnymR/j559BfsNwAAn4PxTAAAyKMAAMijAAAgjwIAII8CAIA8CgCAPAoA APIoAADyKAAAyKMAAMijAAAgjwIAII8CAIA8CgCAPAoAAPIoAADyKAAAyKMAAMijAAAgjwIAII8C AIA8CgCAPAoAAPIoAAAfx9dHrHSa+ofudFHUfnIAAPLoN8PoQ/PiNPmpAQB8HtrrAQCQRwEAkEcB AOCT59HzuS/LlB2Pp2HYDXuaom1P+dWyTG170k8UAEAefUvH46nrTl13Gcd5HC9VVV8j6RRldRqG yK923WWaoqqSSAoA8Ol9/TWbOZ/7YejHcS6K/ETdNBFxWV4d+oh+HOYoIiKKoq6quiyX/OqHBAAg j/5dw9A3Tb2G0UXT1NurVVXH7attW7fdqfMjAgD41H5Re/04Xh9PU6R07UUaEePYl+X9lKVFEaG9 HgBAHn0TZbkLmhHjOI/j3DR1zqllWY/j/S2dpinuKqYAAMijP6mq6vO5X8YnFVEUURSx1USrqh6G /m70Utf1VeW+oAAAn9wv6j/aVPVQ1VWV2vaSe5EOQ38+L4mzqequq6vq1HV1rpWez31E37WznxAA wOf2q+Z7KuKpu7Ttpev64/F0PJ6mKbru8vR0ya8Ow6WqlilI2/ZUFDEMc6G9HgDgs/v66zZVRNPU 25j6+xeLMLUTAIA8+kaMiwcA4HXcvx4AAHkUAAB5FAAAfr237z9aFPVw7h+600VjXlIAAHn02yp5 EQCA19FeDwCAPAoAgDwKAADyKAAA8igAAMijAADIowAAII8CACCPAgDAI7z9/ZmGoXdaAQA+pap6 +9twvn0eLSs3CwUA4P3yaOGkAgDwavqPAgAgjwIAII8CAIA8CgCAPAoAAPIoAADyKAAAyKMAAMij AAAgj8YwRLo1DP353KeUpumv334+9217er7C4/rk61cFH9A0RUrpfO5//J3Rtqfh9o35ctjWdmxP x+PJSeb3NQw3H+m2fYNf+MfjKZXXlZRluvuWAT5hHs2qpu66S/6vLOuiqLvu8po3dt0pf2ff/5I6 98PQ+zTwiZLpDy9+PvfTS2/sutN2yYxj+GuNP/ACec2fc3d/GQI/9Lfib5lHi6iravmviJimperZ tn1ZpuPxVJZpmiI/2P5abdvTNL1QIt3+UN7/Bnn+9vyHddvmJ0/nc58XyH9qT1OsL/1UdQoe9837 0oc5F3W2j2tVLdfI+dkfZtMUbXfXqtCX5fL2XFJt21NZno7tKV+A53OfN5f/zNt24Hg8+cOP3+Ia iYjtY7w8M0VKaf9r/+6iuHvy+WVSlqfj8ZTX0Landr1e8ldPXn7/DPxRfss8ej7vfnEU979WiiK6 9tJ1/TD2XTe37WWaYhiibS9FEVVVN83l7mpvmnqa+q7r979KIqLrLlVVn883UbXr5oi+605NcynL uu1O0xRddxqGvusuVXVp29Pgtwkf6e/Ouw9z/uJ86uaqugxDP03RdXVENM2lqup4dnXcNSAMQ19W 8dTlz3+fl5+mvirrtr0MQz8M/TDMEfV5Tat5B7bH8NGukbvvi2Ho2/bUtpf8kd6y5jj2bXspinr/ pZCLI/uWhG9dJuPYN02dr8T8bTIMfdf1uaJRVdF1l3F0mfAn+vo77nTT1FVZR0Tc/lLI2vYSEVH0 53O0bSrLuqrqsowiJ9ciro+33yZlPVUxDKeIy7aJoohhWJpdxvH6e6csIyLKsi7LqKo6f08PQ0zb d20R09BHU/t48UGul7sPc1HU5/NpHFNV1U1T589zROTP9t3feG17GYbUtv3y6vJMPwz9OPaxtnzm P/a2yySvLbfvD0NfFNG2y8L5j0Z4Dy//Wi6K3OZ+/b7I5YlubRkYx36q6i16Fs8uk6a5HNvU7VoS XrxMyrIuy/y11VfVZf0y6vPlmZePiHGsXSbIo7+BsqzLqv7OtVoUURT109NS+2nbU9ddmu8GxK67 VFUahtP6q+Q0DH3bXiLqiH0rzDe3W5W33Vin+19Y8C6ef5i7rs6V0Vz4eXqat6xZfOPqWEcy1XmF 4xhtW09T5O/aF67Bu6ujurStv9B49++Otb5Q5Sf67S+ou++L/D0yDHNefrtAlkRbvLDmJlc9i+t1 99eXSXF/oZVlfbs5+EOuzfp3ne/pL5Ne7ie6lX/Gcf379Bu/GooickvNEianyH8o34bRb6qqGMZ+ HPquO5VletUuwmMMQ38e+vO5z63zzz/MuYtnVV2WxoS4tkUO44sf77qqrm0Rw9BX1bUa+tdXa1Hn KlHbnqoqqfrwbl8cRU6Zp7brz+d+GPr8MX7+fZGrmF3Xj2N/PKZh6P/yY5u7hMVPXSZVVUcR53O+ TFLXnVwm/FHGsf+0849WVV2Wde4zXjV129ZTRFVdxrE/f2NERdPURVFvj8exr6q0xtP+L38TVVXd rr1IfbZ43zyaP/m5Mvr8w9w0l4jIzYu5G3RubR+G/lsf9a67bF+QTXMZhj4PgXrNwIthuJTlUi7q uouxGryjbpjLsj4Pp647lWWdr4Xn3xdVVXfdZRhObXvKPT7/8mNbFLH/5f+jl8nT2nO0LOt9cQT+ EGn76+3p6bJ+XX30bivTFPfdd6aYIopiuey3/d9f0vnJ7Zn9Me4P+bqG6WZcR7Fs52Y922L3Kw/1 Ud7zAomXPro3zxTfvDpuPr27j/f+Y3+/idtLb7tC7558funBu18jr/m+iOe/+Z+trSiul8xfXybT S98mLhP+jKtv+3hvc1o3Tf1b5lEAAD5NHnW/UAAA3pM8CgCAPAoAgDwKAADyKAAA8igAAMijAADI owAA8Fhf33yNbnIGAPBZPeKmSV9/i70EAOCz0l4PAIA8CgCAPAoAAPIoAADyKAAAyKMAAMijAAAg jwIAII8CAIA8CgCAPAoAAPIoAADyKAAAyKMAAPy2pkkeBQDgXcmjAADIowAAyKMAACCPAgAgjwIA gDwKAIA8CgAA8igAAPIoAADIowAAyKMAACCPAgAgjwIAgDwKAIA8CgAA8igAAPIoAADIowAAyKMA ACCPAgAgjwIAgDwKAIA8CgAA8igAAPIoAADEMPTyKAAA76ZpankUAID3JI8CACCPAgAgjwIAgDwK AIA8CgAA8igAAPIoAADIowAAyKPwUCklJwEA5FEQSQEAeRSRFACQR0EkBQDkUURSAEAeBZEUAJBH EUkBAHkURFIA4O19dQr4gOZ5dhIA4A+hPooYCgDIo7CG0fy/WuoBQB6FdwijAIA8Ch8lmyqRAoA8 CgAAD2d8PR+R5nsA+HOojwIAII8CACCPAgCAPAoAgDwKAADyKAAA8igAAMijAADIowAAII8CACCP AgCAPAoAgDwKAADyKAAA8igAAMijAADIowAAII8CACCPAgCAPAoAgDwKAADyKAAA8igAAMijAADI owAAII8CACCPAgAgjwIAgDwKAIA8CgAA8igAAPIoAADIowAAyKMAACCPAgAgjwIAgDwKAIA8CgAA 8igAAPIoAADIowAAyKMAACCPAgAgjwIAgDwKAIA8CgAA8igAAPIoAADIowAAyKMAACCPAgAgjwIA II8CAIA8CgDAH2ia5FEAAN6VPAoAgDwKAIA8CgAA8igAAPIoAADIowAAyKMAACCPAgDwSRWFPAoA wLuSRwEAkEcBAJBHAQBAHgUAQB4FAAB5FAAAeRQAAORRAADkUQAAkEcBAJBHAQBAHgUAQB4FAAB5 FAAAeRQAAORRAADkUQAA+BFfX3x2mpwZAADeKY8WhdMCAMAvor0eAAB5FAAAeRQAAORRAADkUQAA +FW+OgUAAD9tmvrHrbwo6l+5uUfssDwKAPDYMPpzCex1K4/h3FdN/Ws294gdfiXt9QAAvCd5FAAA eRQAAHkUAIC3Mgz98XhKKaWUjsfTMFzHIZXl6Xy+/vN87lNK+wV+wjTF8XhKZUoplWXar//Nnc/9 8XiSRwEAPq6c2IoixvEyjnNV1cfj6cWM2Lantjs9PV2q6ucHKk1TX5apKGIcLuM4t+2lbU8PjaRv Sx4FAHhTU7TtqesuXXcpirooomnqp6dL256m6T6MDkM/Dn8rjEZE2/ZVVe8313WXcey3rZS3ddNp irJMbXsqy1N+kJcchr4sT3nJrV67vL1Mx2f7L48CAHxEw9hHRHMbMauqLorYN8rnEuYwzH9/Cqdh 6JvbWZZyJI2I87kfhn4Y5nle6qZLZp4iIsbxMgzz+dxPU59b/Nu2nue56y7H42malsQ8DPM4zDln P+KMmX8UAOAtTVNEEVHcP1+W9Tj2EXVEdN0pIqKIrjvl4Pi3NvdtVVVX1VwU18W2B217iYiiiKKI cYgp+lxbze96eroUEcPQd+2lKCIiuu5SlikeUCJVHwUAeEtFETHF89w2jn1ZblXMehjmp+6S65d/ d3MvpNR97jyllKrqfshU8VJi3gfZKGKa4tguo7LKMkXEFG/fLVUeBQB4S1VZR8T5NvwNQz9NsfUT bdu6KKKq6qap27/dL7Oq6rvRS+ehL6u0tbCP4zyOc9f9RceArctpRLRtP019UcTT02VejePlETeI kkcBAN5UEV13adtT256moZ+mZbh909TPS5Jde4mo/2a/zKaph6Fv21PuBno+92176trL1mcgt9e3 7RY3+xdDbX5vTDEM/fl8iqirqm7bfpqWQVpVddJeDwDwG8gD6qcpyuOpLFPX9Xm4/YvhdRiWNPnT m8vdPacp8nj5vLncE7Rp6nGMVKaqOuUxVfsi6M2OFPH0dOm6PpWpbU9PT5eiiK69VFVUVUplmqYY uksUb3+60lY3fnq6+PQAALzeNPWPaL9eVx7j0Fe7gfMP3dwjdvg7thn1m6Y2vh4A4G8GsU+9ucc7 FIUPEQAA7yAH0Wv/0WlyTgAAeLh97JymOGwTTY1D7+wAAPBoW+zMQfTr1l5/fnX/UwAAIqIo6uH8 wIreXTZ79ObefIe/5W5y1q+xTkkVEcPQV5VICgDwxgnsN93cIzy/H9UhdveGOp812QMA8EBb4BzH Pk+GeoiIorjewPRv3h4AAAC+ZYuaRRERdR7XtIyvz/P1R+R7SYmkAAC8fRjNfUSLIqqqjuiLfR6N iKqsY42kx+NpMNweAIC3MAz98Xjapnkqy/o89NO09BpNRRFlVTd5GNN0P9ypaeotpwIAwA+YYhj7 uxFK49hPUxRFtO0lj6pPVVWPY5//PQz9MPTb8CYAAHgrazP9vS9V9a9p+o9//jPK8l8p/euf/4z/ /t/r//pf/zVN/+GsAQDwJkn03/6t/rd/+9eLr369WzSiHoZ+miIPv88Z1q1EAQD40Qwa67yixXc7 f/5flkLw9YvLt9YAAAAASUVORK5CYII= --=_3bd4807380444da89f7b6ed947d4d506 Content-Transfer-Encoding: base64 Content-Type: application/x-gzip; name=engine.tar.gz Content-Disposition: attachment; filename=engine.tar.gz; size=588 H4sIADrhqlcAA+2WvW7bMBSFPfcpuKUFTIOXvPzLHATo0BZFAC9BBv66Qm0LkOUMffrSyBDbcZpF bBGU30JA0nA+8fJIabvqtmmx7lezarCCUnhYQUt2vB6QEtQMuJZcSq05nzEACXpGWL1Iz+x3oxsI mW270P/pubfuv1M4A0WZocAIs9eMXwOba67I56+33wi574fVon/shnGRngYl9ENaPMadH/qfaVhs +m039kO3XS2Wm93d6MZuN3Zhd5vG8CMND+TjTcpuvx6/790w/rorF+N+nQb9idw/kKenIhGSLL/s SB76DVne3JGrrJ0HmxOVYDlFxzk1JmQaTGTlumNC86sPL7PDHCXUzs5LdmRaZR3TswPnZw4QTVaY PE0agaJxSJ3gjGrtM+SEOZvwioOWtR2gOIicXLaRHznYFw7C+2gNTVwFigEk9UYXJROFVRIYN/qC A5dzjtX34bID4JmD5zF7i5JGrTRFdI46iZryCA6FgWySuOwgla3tIIoDBONRuSMHcT5LQjLIDALV zHqKQiG1Wjmqk81ZmuiV85cdLDO1HfCwD9FLlq2b/kwfHFD85T6Cs+xJCW8BVYkVkKJ2kfpYTkRm UjgTpC/n/FJ2NZei+gypkl05azhLFfqoOChV/f0DO9mAqYoI2VzY+mV6Gn6qBirhla0+PfZ08idq HoQ5iOrN80p7TtQ8BwdTf/IvfsWmaqDioMQ7/yMqDlZWnyU9RQH967/5RqPRaDQajUaj0Wg0Go1G o9FoNBqNxv/Ob3uZOyUAKAAA --=_3bd4807380444da89f7b6ed947d4d506--
On 08/10/2016 10:10 AM, nicolas@devels.es wrote:
El 2016-08-10 08:58, Ondra Machacek escribió:
On 08/10/2016 09:37 AM, Nicolás wrote:
Hi,
We're running oVirt 4.0.1.1, and we're trying to grant a permission to a user on a VM. Thing is when we open the 'Permissions' subtab on that VM, we click on Add, the LDAP backend shows up but any value entered into the search box returns nothing, even when I know the values exist.
This has been working on oVirt 3.x, we actually migrated to 4.x last week and didn't notice this issue.
Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
OK, it seems like some UI issue. Can you please force reload or clear browser cache? Maybe try different browser.
All this is done with the admin@internal user, so I guess this is not a self-permission issue.
Interesting thing is that I can successfully log-in to the user portal with a LDAP based user and manage all the VMs assigned to them.
Just to see if there's been any configuration change, we also run the ovirt-engine-extension-aaa-ldap-setup tool, the configuration it returns is pretty similar to ours, and even the test commands (Login, Search) work successfully (I can see search returning user's data like name, surname, ...). We even applied this configuration to engine to see if it makes a difference but the result is the same, the search dialog returns nothing and neither I can see the permission to grant.
Any hint about this?
Maybe you hit similar issue to this one[1].
Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm afraid there's no entry about that.
Thanks.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1356675
Thanks _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
El 2016-08-10 09:32, Ondra Machacek escribió:
On 08/10/2016 10:10 AM, nicolas@devels.es wrote:
El 2016-08-10 08:58, Ondra Machacek escribió:
On 08/10/2016 09:37 AM, Nicolás wrote:
Hi,
We're running oVirt 4.0.1.1, and we're trying to grant a permission to a user on a VM. Thing is when we open the 'Permissions' subtab on that VM, we click on Add, the LDAP backend shows up but any value entered into the search box returns nothing, even when I know the values exist.
This has been working on oVirt 3.x, we actually migrated to 4.x last week and didn't notice this issue.
Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
OK, it seems like some UI issue. Can you please force reload or clear browser cache? Maybe try different browser.
Nope... Cleaned cache from Chrome, Firefox, same result. Even private windows have the same behaviour. By the way, we have 2 independent oVirt infrastructures, both upgraded from 3.6.7 and both have the same issue, I just had a look at the second and the same happens here (no log in engine.log either). This second is 4.0.0 instead of 4.0.0, FWIW.
All this is done with the admin@internal user, so I guess this is not a self-permission issue.
Interesting thing is that I can successfully log-in to the user portal with a LDAP based user and manage all the VMs assigned to them.
Just to see if there's been any configuration change, we also run the ovirt-engine-extension-aaa-ldap-setup tool, the configuration it returns is pretty similar to ours, and even the test commands (Login, Search) work successfully (I can see search returning user's data like name, surname, ...). We even applied this configuration to engine to see if it makes a difference but the result is the same, the search dialog returns nothing and neither I can see the permission to grant.
Any hint about this?
Maybe you hit similar issue to this one[1].
Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm afraid there's no entry about that.
Thanks.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1356675
Thanks _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
El 2016-08-10 13:36, nicolas@devels.es escribió:
El 2016-08-10 09:32, Ondra Machacek escribió:
On 08/10/2016 10:10 AM, nicolas@devels.es wrote:
El 2016-08-10 08:58, Ondra Machacek escribió:
On 08/10/2016 09:37 AM, Nicolás wrote:
Hi,
We're running oVirt 4.0.1.1, and we're trying to grant a permission to a user on a VM. Thing is when we open the 'Permissions' subtab on that VM, we click on Add, the LDAP backend shows up but any value entered into the search box returns nothing, even when I know the values exist.
This has been working on oVirt 3.x, we actually migrated to 4.x last week and didn't notice this issue.
Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
OK, it seems like some UI issue. Can you please force reload or clear browser cache? Maybe try different browser.
Nope... Cleaned cache from Chrome, Firefox, same result. Even private windows have the same behaviour. By the way, we have 2 independent oVirt infrastructures, both upgraded from 3.6.7 and both have the same issue, I just had a look at the second and the same happens here (no log in engine.log either). This second is 4.0.0 instead of 4.0.0, FWIW.
I meant: This second is 4.0.0 instead of 4.0.1
All this is done with the admin@internal user, so I guess this is not a self-permission issue.
Interesting thing is that I can successfully log-in to the user portal with a LDAP based user and manage all the VMs assigned to them.
Just to see if there's been any configuration change, we also run the ovirt-engine-extension-aaa-ldap-setup tool, the configuration it returns is pretty similar to ours, and even the test commands (Login, Search) work successfully (I can see search returning user's data like name, surname, ...). We even applied this configuration to engine to see if it makes a difference but the result is the same, the search dialog returns nothing and neither I can see the permission to grant.
Any hint about this?
Maybe you hit similar issue to this one[1].
Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm afraid there's no entry about that.
Thanks.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1356675
Thanks _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
On Wednesday, August 10, 2016 9:10:25 AM EDT nicolas@devels.es wrote:
El 2016-08-10 08:58, Ondra Machacek escribió:
On 08/10/2016 09:37 AM, Nicolás wrote:
Hi,
We're running oVirt 4.0.1.1, and we're trying to grant a permission to a user on a VM. Thing is when we open the 'Permissions' subtab on that VM, we click on Add, the LDAP backend shows up but any value entered into the search box returns nothing, even when I know the values exist.
This has been working on oVirt 3.x, we actually migrated to 4.x last week and didn't notice this issue.
Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
Its highly likely the dropdown is there, but its scrolled below the bottom of the dialog and thus you can't see it. I thought I made sure all the dialogs were working, seems like I missed one. Let me check it out and see what is going on.
All this is done with the admin@internal user, so I guess this is not a self-permission issue.
Interesting thing is that I can successfully log-in to the user portal with a LDAP based user and manage all the VMs assigned to them.
Just to see if there's been any configuration change, we also run the ovirt-engine-extension-aaa-ldap-setup tool, the configuration it returns is pretty similar to ours, and even the test commands (Login, Search) work successfully (I can see search returning user's data like name, surname, ...). We even applied this configuration to engine to see if it makes a difference but the result is the same, the search dialog returns nothing and neither I can see the permission to grant.
Any hint about this?
Maybe you hit similar issue to this one[1].
Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm afraid there's no entry about that.
Thanks.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1356675
Thanks _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
On Wednesday, August 10, 2016 9:02:16 AM EDT Alexander Wels wrote:
On Wednesday, August 10, 2016 9:10:25 AM EDT nicolas@devels.es wrote:
El 2016-08-10 08:58, Ondra Machacek escribió:
On 08/10/2016 09:37 AM, Nicolás wrote:
Hi,
We're running oVirt 4.0.1.1, and we're trying to grant a permission to a user on a VM. Thing is when we open the 'Permissions' subtab on that VM, we click on Add, the LDAP backend shows up but any value entered into the search box returns nothing, even when I know the values exist.
This has been working on oVirt 3.x, we actually migrated to 4.x last week and didn't notice this issue.
Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
Its highly likely the dropdown is there, but its scrolled below the bottom of the dialog and thus you can't see it. I thought I made sure all the dialogs were working, seems like I missed one. Let me check it out and see what is going on.
Okay I double checked, I went to the VMs main tab, selected a VM, then went to the permissions sub tab. Clicked add. The dialog that popped up looks like the one attached, which is what I was expecting. The one you attached appears to be missing some styling, which is likely what caused the Role to Assign part to be scrolled below the bottom of the page. Can you complete clear your cache (not shift reload, but settings->clear cache). If that doesn't work can you tell us the version of the patternfly rpm installed on your engine? Alexander
All this is done with the admin@internal user, so I guess this is not a self-permission issue.
Interesting thing is that I can successfully log-in to the user portal with a LDAP based user and manage all the VMs assigned to them.
Just to see if there's been any configuration change, we also run the ovirt-engine-extension-aaa-ldap-setup tool, the configuration it returns is pretty similar to ours, and even the test commands (Login, Search) work successfully (I can see search returning user's data like name, surname, ...). We even applied this configuration to engine to see if it makes a difference but the result is the same, the search dialog returns nothing and neither I can see the permission to grant.
Any hint about this?
Maybe you hit similar issue to this one[1].
Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm afraid there's no entry about that.
Thanks.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1356675
Thanks _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
--=_c4730d24f09a9670f95c37952b502f09 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8; format=flowed El 2016-08-10 14:46, Nicolás escribió:
En 10/8/2016 2:29 p. m., Alexander Wels <awels@redhat.com> escribió:
On Wednesday, August 10, 2016 9:02:16 AM EDT Alexander Wels wrote:
On Wednesday, August 10, 2016 9:10:25 AM EDT nicolas@devels.es wrote:
El 2016-08-10 08:58, Ondra Machacek escribió:
On 08/10/2016 09:37 AM, Nicolás wrote:
Hi,
We're running oVirt 4.0.1.1 [1], and we're trying to grant a permission to
a
user on a VM. Thing is when we open the 'Permissions' subtab on that
VM,
we click on Add, the LDAP backend shows up but any value entered into
the search box returns nothing, even when I know the values exist.
This has been working on oVirt 3.x, we actually migrated to 4.x last
week and didn't notice this issue.
Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
Its highly likely the dropdown is there, but its scrolled below the bottom
of the dialog and thus you can't see it. I thought I made sure all the
dialogs were working, seems like I missed one. Let me check it out and see
what is going on.
Okay I double checked, I went to the VMs main tab, selected a VM, then went to
the permissions sub tab. Clicked add. The dialog that popped up looks like the
one attached, which is what I was expecting. The one you attached appears to
be missing some styling, which is likely what caused the Role to Assign part
to be scrolled below the bottom of the page.
Can you complete clear your cache (not shift reload, but settings->clear
cache). If that doesn't work can you tell us the version of the patternfly rpm
installed on your engine?
Yes, I already did that, also opened the engine on different clients and the behavior is the same, I believe this is not a client issue. Patternfly package is patternfly1-1.3.0-1.el7.centos.noarch
Anyhow, I see there are lots of packages to update so I'll do so within a few days and report results.
So I was able to update all packages, restart run engine-setup just in case, restart ovirt-engine and the situation is the same. I remembered we also have a dev. environment oVirt installation which we upgraded from 3.6.7 to 4.0.1 and same happens here, so finally we have 3 independent oVirt installations with the same problem. There's something not working as intended. I'm attaching a list of packages on oVirt engine and their versions if you want to check if there's something wrong with versioning, although everything seems to be ok. Thanks!
All this is done with the admin@internal user, so I guess this is not
a
self-permission issue.
Interesting thing is that I can successfully log-in to the user portal
with a LDAP based user and manage all the VMs assigned to them.
Just to see if there's been any configuration change, we also run the
ovirt-engine-extension-aaa-ldap-setup tool, the configuration it
returns
is pretty similar to ours, and even the test commands (Login, Search)
work successfully (I can see search returning user's data like name,
surname, ...). We even applied this configuration to engine to see if
it
makes a difference but the result is the same, the search dialog
returns
nothing and neither I can see the permission to grant.
Any hint about this?
Maybe you hit similar issue to this one[1].
Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm
afraid there's no entry about that.
Thanks.
[1] https [2]://bugzilla.redhat.com/show_bug.cgi?id=1356675 [2]
Thanks
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
Links: ------ [1] http://4.0.1.1 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1356675 [3] http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users --=_c4730d24f09a9670f95c37952b502f09 Content-Transfer-Encoding: base64 Content-Type: text/plain; name=packages.txt Content-Disposition: attachment; filename=packages.txt; size=2154
b3ZpcnQtZW5naW5lLTQuMC4xLjEtMS5lbDcuY2VudG9zLm5vYXJjaApvdmlydC1lbmdpbmUtYmFj a2VuZC00LjAuMS4xLTEuZWw3LmNlbnRvcy5ub2FyY2gKb3ZpcnQtZW5naW5lLWNsaS0zLjYuOC4w LTEuZWw3LmNlbnRvcy5ub2FyY2gKb3ZpcnQtZW5naW5lLWRhc2hib2FyZC0xLjAuMC0wLjIuMjAx NjA2MTBnaXQ1ZDIxMGVhLmVsNy5jZW50b3Mubm9hcmNoCm92aXJ0LWVuZ2luZS1kYnNjcmlwdHMt NC4wLjEuMS0xLmVsNy5jZW50b3Mubm9hcmNoCm92aXJ0LWVuZ2luZS1kd2gtNC4wLjEtMS5lbDcu Y2VudG9zLm5vYXJjaApvdmlydC1lbmdpbmUtZHdoLXNldHVwLTQuMC4xLTEuZWw3LmNlbnRvcy5u b2FyY2gKb3ZpcnQtZW5naW5lLWV4dGVuc2lvbi1hYWEtamRiYy0xLjEuMC0xLmVsNy5ub2FyY2gK b3ZpcnQtZW5naW5lLWV4dGVuc2lvbi1hYWEtbGRhcC0xLjIuMS0xLmVsNy5ub2FyY2gKb3ZpcnQt ZW5naW5lLWV4dGVuc2lvbi1hYWEtbGRhcC1zZXR1cC0xLjIuMS0xLmVsNy5ub2FyY2gKb3ZpcnQt ZW5naW5lLWV4dGVuc2lvbnMtYXBpLWltcGwtNC4wLjEuMS0xLmVsNy5jZW50b3Mubm9hcmNoCm92 aXJ0LWVuZ2luZS1qYm9zcy1hcy03LjEuMS0xLmVsNy5jZW50b3MueDg2XzY0Cm92aXJ0LWVuZ2lu ZS1saWItNC4wLjEuMS0xLmVsNy5jZW50b3Mubm9hcmNoCm92aXJ0LWVuZ2luZS1yZXN0YXBpLTQu MC4xLjEtMS5lbDcuY2VudG9zLm5vYXJjaApvdmlydC1lbmdpbmUtc2RrLXB5dGhvbi0zLjYuOC4w LTEuZWw3Lm5vYXJjaApvdmlydC1lbmdpbmUtc2V0dXAtNC4wLjEuMS0xLmVsNy5jZW50b3Mubm9h cmNoCm92aXJ0LWVuZ2luZS1zZXR1cC1iYXNlLTQuMC4xLjEtMS5lbDcuY2VudG9zLm5vYXJjaApv dmlydC1lbmdpbmUtc2V0dXAtcGx1Z2luLW92aXJ0LWVuZ2luZS00LjAuMS4xLTEuZWw3LmNlbnRv cy5ub2FyY2gKb3ZpcnQtZW5naW5lLXNldHVwLXBsdWdpbi1vdmlydC1lbmdpbmUtY29tbW9uLTQu MC4xLjEtMS5lbDcuY2VudG9zLm5vYXJjaApvdmlydC1lbmdpbmUtc2V0dXAtcGx1Z2luLXZtY29u c29sZS1wcm94eS1oZWxwZXItNC4wLjEuMS0xLmVsNy5jZW50b3Mubm9hcmNoCm92aXJ0LWVuZ2lu ZS1zZXR1cC1wbHVnaW4td2Vic29ja2V0LXByb3h5LTQuMC4xLjEtMS5lbDcuY2VudG9zLm5vYXJj aApvdmlydC1lbmdpbmUtdG9vbHMtNC4wLjEuMS0xLmVsNy5jZW50b3Mubm9hcmNoCm92aXJ0LWVu Z2luZS10b29scy1iYWNrdXAtNC4wLjEuMS0xLmVsNy5jZW50b3Mubm9hcmNoCm92aXJ0LWVuZ2lu ZS11c2VycG9ydGFsLTQuMC4xLjEtMS5lbDcuY2VudG9zLm5vYXJjaApvdmlydC1lbmdpbmUtdXNl cnBvcnRhbC1kZWJ1Z2luZm8tNC4wLjEuMS0xLmVsNy5jZW50b3Mubm9hcmNoCm92aXJ0LWVuZ2lu ZS12bWNvbnNvbGUtcHJveHktaGVscGVyLTQuMC4xLjEtMS5lbDcuY2VudG9zLm5vYXJjaApvdmly dC1lbmdpbmUtd2ViYWRtaW4tcG9ydGFsLTQuMC4xLjEtMS5lbDcuY2VudG9zLm5vYXJjaApvdmly dC1lbmdpbmUtd2ViYWRtaW4tcG9ydGFsLWRlYnVnaW5mby00LjAuMS4xLTEuZWw3LmNlbnRvcy5u b2FyY2gKb3ZpcnQtZW5naW5lLXdlYnNvY2tldC1wcm94eS00LjAuMS4xLTEuZWw3LmNlbnRvcy5u b2FyY2gKb3ZpcnQtZW5naW5lLXdpbGRmbHktMTAuMC4wLTEuZWw3Lng4Nl82NApvdmlydC1lbmdp bmUtd2lsZGZseS1vdmVybGF5LTEwLjAuMC0xLmVsNy5ub2FyY2gKb3ZpcnQtZ3Vlc3QtdG9vbHMt aXNvLTQuMC0xLmZjMjMubm9hcmNoCm92aXJ0LWhvc3QtZGVwbG95LTEuNS4xLTEuZWw3LmNlbnRv cy5ub2FyY2gKb3ZpcnQtaG9zdC1kZXBsb3ktamF2YS0xLjUuMS0xLmVsNy5jZW50b3Mubm9hcmNo Cm92aXJ0LWltYWdlLXVwbG9hZGVyLTQuMC4wLTEuZWw3LmNlbnRvcy5ub2FyY2gKb3ZpcnQtaXNv LXVwbG9hZGVyLTQuMC4wLTEuZWw3LmNlbnRvcy5ub2FyY2gKb3ZpcnQtcmVsZWFzZTQwLTQuMC4y LTIubm9hcmNoCm92aXJ0LXNldHVwLWxpYi0xLjAuMi0xLmVsNy5jZW50b3Mubm9hcmNoCm92aXJ0 LXZtY29uc29sZS0xLjAuNC0xLmVsNy5ub2FyY2gKb3ZpcnQtdm1jb25zb2xlLXByb3h5LTEuMC40 LTEuZWw3Lm5vYXJjaApwYXR0ZXJuZmx5MS0xLjMuMC0xLmVsNy5jZW50b3Mubm9hcmNoCnB5dGhv bi1vdmlydC1lbmdpbmUtc2RrNC00LjAuMC0wLjUuYTUuZWw3Lng4Nl82NAoK --=_c4730d24f09a9670f95c37952b502f09--
El 2016-08-10 14:46, Nicolás escribió:
En 10/8/2016 2:29 p. m., Alexander Wels <awels@redhat.com> escribió:
On Wednesday, August 10, 2016 9:02:16 AM EDT Alexander Wels wrote:
On Wednesday, August 10, 2016 9:10:25 AM EDT nicolas@devels.es wrote:
El 2016-08-10 08:58, Ondra Machacek escribió:
On 08/10/2016 09:37 AM, Nicolás wrote:
Hi,
We're running oVirt 4.0.1.1 [1], and we're trying to grant a permission to
a
user on a VM. Thing is when we open the 'Permissions' subtab on that
VM,
we click on Add, the LDAP backend shows up but any value entered into
the search box returns nothing, even when I know the values exist.
This has been working on oVirt 3.x, we actually migrated to 4.x last
week and didn't notice this issue.
Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
Its highly likely the dropdown is there, but its scrolled below the bottom
of the dialog and thus you can't see it. I thought I made sure all the
dialogs were working, seems like I missed one. Let me check it out and see
what is going on.
Okay I double checked, I went to the VMs main tab, selected a VM, then went to
the permissions sub tab. Clicked add. The dialog that popped up looks like the
one attached, which is what I was expecting. The one you attached appears to
be missing some styling, which is likely what caused the Role to Assign part
to be scrolled below the bottom of the page.
Can you complete clear your cache (not shift reload, but settings->clear
cache). If that doesn't work can you tell us the version of the patternfly rpm
installed on your engine?
Yes, I already did that, also opened the engine on different clients and the behavior is the same, I believe this is not a client issue. Patternfly package is patternfly1-1.3.0-1.el7.centos.noarch
Ok, this indeed seems like a graphics problem since I am seeing this connecting to a machine through a VNC server and the Role combobox is moved down out of the dialog. However, the LDAP issue persists. When I choose the 'internal' domain, I can search the 'admin' user successfully, however, if I set it to be the LDAP domain, any search returns nothing. Any hints or ideas how to debug this? Thanks.
Anyhow, I see there are lots of packages to update so I'll do so within a few days and report results.
All this is done with the admin@internal user, so I guess this is not
a
self-permission issue.
Interesting thing is that I can successfully log-in to the user portal
with a LDAP based user and manage all the VMs assigned to them.
Just to see if there's been any configuration change, we also run the
ovirt-engine-extension-aaa-ldap-setup tool, the configuration it
returns
is pretty similar to ours, and even the test commands (Login, Search)
work successfully (I can see search returning user's data like name,
surname, ...). We even applied this configuration to engine to see if
it
makes a difference but the result is the same, the search dialog
returns
nothing and neither I can see the permission to grant.
Any hint about this?
Maybe you hit similar issue to this one[1].
Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm
afraid there's no entry about that.
Thanks.
[1] https [2]://bugzilla.redhat.com/show_bug.cgi?id=1356675 [2]
Thanks
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
Links: ------ [1] http://4.0.1.1 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1356675 [3] http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
On 08/12/2016 05:53 PM, nicolas@devels.es wrote:
El 2016-08-10 14:46, Nicolás escribió:
En 10/8/2016 2:29 p. m., Alexander Wels <awels@redhat.com> escribió:
On Wednesday, August 10, 2016 9:02:16 AM EDT Alexander Wels wrote:
On Wednesday, August 10, 2016 9:10:25 AM EDT nicolas@devels.es wrote:
El 2016-08-10 08:58, Ondra Machacek escribió:
On 08/10/2016 09:37 AM, Nicolás wrote:
> Hi,
>
> We're running oVirt 4.0.1.1 [1], and we're trying to grant a permission to
> a
> user on a VM. Thing is when we open the 'Permissions' subtab on that
> VM,
> we click on Add, the LDAP backend shows up but any value entered into
> the search box returns nothing, even when I know the values exist.
>
> This has been working on oVirt 3.x, we actually migrated to 4.x last
> week and didn't notice this issue.
>
> Additionally, there's no combobox to choose the permission to grant?
There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
Its highly likely the dropdown is there, but its scrolled below the bottom
of the dialog and thus you can't see it. I thought I made sure all the
dialogs were working, seems like I missed one. Let me check it out and see
what is going on.
Okay I double checked, I went to the VMs main tab, selected a VM, then went to
the permissions sub tab. Clicked add. The dialog that popped up looks like the
one attached, which is what I was expecting. The one you attached appears to
be missing some styling, which is likely what caused the Role to Assign part
to be scrolled below the bottom of the page.
Can you complete clear your cache (not shift reload, but settings->clear
cache). If that doesn't work can you tell us the version of the patternfly rpm
installed on your engine?
Yes, I already did that, also opened the engine on different clients and the behavior is the same, I believe this is not a client issue. Patternfly package is patternfly1-1.3.0-1.el7.centos.noarch
Ok, this indeed seems like a graphics problem since I am seeing this connecting to a machine through a VNC server and the Role combobox is moved down out of the dialog.
However, the LDAP issue persists. When I choose the 'internal' domain, I can search the 'admin' user successfully, however, if I set it to be the LDAP domain, any search returns nothing.
Any hints or ideas how to debug this?
Can you please enable debug log[1] and send it here? [1] https://github.com/oVirt/ovirt-engine-extension-aaa-ldap/blob/master/README#...
Thanks.
Anyhow, I see there are lots of packages to update so I'll do so within a few days and report results.
> All this is done with the admin@internal user, so I guess this is not
> a
> self-permission issue.
>
> Interesting thing is that I can successfully log-in to the user portal
> with a LDAP based user and manage all the VMs assigned to them.
>
> Just to see if there's been any configuration change, we also run the
> ovirt-engine-extension-aaa-ldap-setup tool, the configuration it
> returns
> is pretty similar to ours, and even the test commands (Login, Search)
> work successfully (I can see search returning user's data like name,
> surname, ...). We even applied this configuration to engine to see if
> it
> makes a difference but the result is the same, the search dialog
> returns
> nothing and neither I can see the permission to grant.
>
> Any hint about this?
Maybe you hit similar issue to this one[1].
Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm
afraid there's no entry about that.
Thanks.
[1] https [2]://bugzilla.redhat.com/show_bug.cgi?id=1356675 [2]
> Thanks
> _______________________________________________
> Users mailing list
> Users@ovirt.org
> http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
Links: ------ [1] http://4.0.1.1 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1356675 [3] http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
El 2016-08-12 20:38, Ondra Machacek escribió:
On 08/12/2016 05:53 PM, nicolas@devels.es wrote:
El 2016-08-10 14:46, Nicolás escribió:
En 10/8/2016 2:29 p. m., Alexander Wels <awels@redhat.com> escribió:
On Wednesday, August 10, 2016 9:02:16 AM EDT Alexander Wels wrote:
On Wednesday, August 10, 2016 9:10:25 AM EDT nicolas@devels.es wrote:
El 2016-08-10 08:58, Ondra Machacek escribió:
> On 08/10/2016 09:37 AM, Nicolás wrote:
>> Hi,
>>
>> We're running oVirt 4.0.1.1 [1], and we're trying to grant a permission to
>> a
>> user on a VM. Thing is when we open the 'Permissions' subtab on that
>> VM,
>> we click on Add, the LDAP backend shows up but any value entered into
>> the search box returns nothing, even when I know the values exist.
>>
>> This has been working on oVirt 3.x, we actually migrated to 4.x last
>> week and didn't notice this issue.
>>
>> Additionally, there's no combobox to choose the permission to grant?
>
> There should be combo box to choose a role.
I've attached a screenshot, seems there's not.
Its highly likely the dropdown is there, but its scrolled below the bottom
of the dialog and thus you can't see it. I thought I made sure all the
dialogs were working, seems like I missed one. Let me check it out and see
what is going on.
Okay I double checked, I went to the VMs main tab, selected a VM, then went to
the permissions sub tab. Clicked add. The dialog that popped up looks like the
one attached, which is what I was expecting. The one you attached appears to
be missing some styling, which is likely what caused the Role to Assign part
to be scrolled below the bottom of the page.
Can you complete clear your cache (not shift reload, but settings->clear
cache). If that doesn't work can you tell us the version of the patternfly rpm
installed on your engine?
Yes, I already did that, also opened the engine on different clients and the behavior is the same, I believe this is not a client issue. Patternfly package is patternfly1-1.3.0-1.el7.centos.noarch
Ok, this indeed seems like a graphics problem since I am seeing this connecting to a machine through a VNC server and the Role combobox is moved down out of the dialog.
However, the LDAP issue persists. When I choose the 'internal' domain, I can search the 'admin' user successfully, however, if I set it to be the LDAP domain, any search returns nothing.
Any hints or ideas how to debug this?
Can you please enable debug log[1] and send it here?
[1] https://github.com/oVirt/ovirt-engine-extension-aaa-ldap/blob/master/README#...
Thanks. I was now able to see why it is failing: TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (default task-13) [] SearchRequest: Exception: LDAPSearchException(resultCode=11 (admin limit exceeded), numEntries=0, numReferences=0, errorMessage='admin limit exceeded') Indeed, if I run that query using the ldapsearch command I can clearly see it is returning an "admin limit exceeded" error. The applied filter is: (&(objectClass=posixAccount)(uid=*)(|(givenName=username)(sn=username)(displayName=username)(uid=username))) Strange thing is this hasn't been an issue on oVirt 3.6.x and we've not changed our LDAP configuration. Has the filter been changed in 4.x by default? If so, is there a way to override the filter to make it simpler? (In our case we'll always seek by username, so no need to search by givenName, sn or displayName). Thanks.
Thanks.
Anyhow, I see there are lots of packages to update so I'll do so within a few days and report results.
>> All this is done with the admin@internal user, so I guess this is not
>> a
>> self-permission issue.
>>
>> Interesting thing is that I can successfully log-in to the user portal
>> with a LDAP based user and manage all the VMs assigned to them.
>>
>> Just to see if there's been any configuration change, we also run the
>> ovirt-engine-extension-aaa-ldap-setup tool, the configuration it
>> returns
>> is pretty similar to ours, and even the test commands (Login, Search)
>> work successfully (I can see search returning user's data like name,
>> surname, ...). We even applied this configuration to engine to see if
>> it
>> makes a difference but the result is the same, the search dialog
>> returns
>> nothing and neither I can see the permission to grant.
>>
>> Any hint about this?
>
> Maybe you hit similar issue to this one[1].
>
> Can you please share engine.log, while you hit search button?
I'm also attaching the log at the time I hit the search button, but I'm
afraid there's no entry about that.
Thanks.
> [1] https [2]://bugzilla.redhat.com/show_bug.cgi?id=1356675 [2]
>
>> Thanks
>> _______________________________________________
>> Users mailing list
>> Users@ovirt.org
>> http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
Links: ------ [1] http://4.0.1.1 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1356675 [3] http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
On 08/13/2016 12:44 AM, nicolas@devels.es wrote:
El 2016-08-12 20:38, Ondra Machacek escribió:
On 08/12/2016 05:53 PM, nicolas@devels.es wrote:
El 2016-08-10 14:46, Nicolás escribió:
En 10/8/2016 2:29 p. m., Alexander Wels <awels@redhat.com> escribió:
On Wednesday, August 10, 2016 9:02:16 AM EDT Alexander Wels wrote:
On Wednesday, August 10, 2016 9:10:25 AM EDT nicolas@devels.es wrote:
> El 2016-08-10 08:58, Ondra Machacek escribió:
> > On 08/10/2016 09:37 AM, Nicolás wrote:
> >> Hi,
> >>
> >> We're running oVirt 4.0.1.1 [1], and we're trying to grant a permission to
> >> a
> >> user on a VM. Thing is when we open the 'Permissions' subtab on that
> >> VM,
> >> we click on Add, the LDAP backend shows up but any value entered into
> >> the search box returns nothing, even when I know the values exist.
> >>
> >> This has been working on oVirt 3.x, we actually migrated to 4.x last
> >> week and didn't notice this issue.
> >>
> >> Additionally, there's no combobox to choose the permission to grant?
> >
> > There should be combo box to choose a role.
>
> I've attached a screenshot, seems there's not.
Its highly likely the dropdown is there, but its scrolled below the bottom
of the dialog and thus you can't see it. I thought I made sure all the
dialogs were working, seems like I missed one. Let me check it out and see
what is going on.
Okay I double checked, I went to the VMs main tab, selected a VM, then went to
the permissions sub tab. Clicked add. The dialog that popped up looks like the
one attached, which is what I was expecting. The one you attached appears to
be missing some styling, which is likely what caused the Role to Assign part
to be scrolled below the bottom of the page.
Can you complete clear your cache (not shift reload, but settings->clear
cache). If that doesn't work can you tell us the version of the patternfly rpm
installed on your engine?
Yes, I already did that, also opened the engine on different clients and the behavior is the same, I believe this is not a client issue. Patternfly package is patternfly1-1.3.0-1.el7.centos.noarch
Ok, this indeed seems like a graphics problem since I am seeing this connecting to a machine through a VNC server and the Role combobox is moved down out of the dialog.
However, the LDAP issue persists. When I choose the 'internal' domain, I can search the 'admin' user successfully, however, if I set it to be the LDAP domain, any search returns nothing.
Any hints or ideas how to debug this?
Can you please enable debug log[1] and send it here?
[1] https://github.com/oVirt/ovirt-engine-extension-aaa-ldap/blob/master/README#...
Thanks. I was now able to see why it is failing:
TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (default task-13) [] SearchRequest: Exception: LDAPSearchException(resultCode=11 (admin limit exceeded), numEntries=0, numReferences=0, errorMessage='admin limit exceeded')
This is server error, that number of entries to be returned is higher, than the limit set on server. You should either increase that limit server side, or don't use '*', but use some filter. ( ie. user* )
Indeed, if I run that query using the ldapsearch command I can clearly see it is returning an "admin limit exceeded" error.
The applied filter is: (&(objectClass=posixAccount)(uid=*)(|(givenName=username)(sn=username)(displayName=username)(uid=username)))
Strange thing is this hasn't been an issue on oVirt 3.6.x and we've not changed our LDAP configuration. Has the filter been changed in 4.x by default?
It didn't.
If so, is there a way to override the filter to make it simpler? (In our case we'll always seek by username, so no need to search by givenName, sn or displayName).
Filtering is constructed on client side, in this case ovirt-engine backend, so unfortunatelly it's not easilly modifiable.
Thanks.
Thanks.
Anyhow, I see there are lots of packages to update so I'll do so within a few days and report results.
> >> All this is done with the admin@internal user, so I guess this is not
> >> a
> >> self-permission issue.
> >>
> >> Interesting thing is that I can successfully log-in to the user portal
> >> with a LDAP based user and manage all the VMs assigned to them.
> >>
> >> Just to see if there's been any configuration change, we also run the
> >> ovirt-engine-extension-aaa-ldap-setup tool, the configuration it
> >> returns
> >> is pretty similar to ours, and even the test commands (Login, Search)
> >> work successfully (I can see search returning user's data like name,
> >> surname, ...). We even applied this configuration to engine to see if
> >> it
> >> makes a difference but the result is the same, the search dialog
> >> returns
> >> nothing and neither I can see the permission to grant.
> >>
> >> Any hint about this?
> >
> > Maybe you hit similar issue to this one[1].
> >
> > Can you please share engine.log, while you hit search button?
>
> I'm also attaching the log at the time I hit the search button, but I'm
> afraid there's no entry about that.
>
> Thanks.
>
> > [1] https [2]://bugzilla.redhat.com/show_bug.cgi?id=1356675 [2]
> >
> >> Thanks
> >> _______________________________________________
> >> Users mailing list
> >> Users@ovirt.org
> >> http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
Links: ------ [1] http://4.0.1.1 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1356675 [3] http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
El 15/08/16 a las 13:28, Ondra Machacek escribió:
On 08/13/2016 12:44 AM, nicolas@devels.es wrote:
El 2016-08-12 20:38, Ondra Machacek escribió:
On 08/12/2016 05:53 PM, nicolas@devels.es wrote:
El 2016-08-10 14:46, Nicolás escribió:
En 10/8/2016 2:29 p. m., Alexander Wels <awels@redhat.com> escribió:
On Wednesday, August 10, 2016 9:02:16 AM EDT Alexander Wels wrote:
> On Wednesday, August 10, 2016 9:10:25 AM EDT nicolas@devels.es wrote:
>> El 2016-08-10 08:58, Ondra Machacek escribió:
>> > On 08/10/2016 09:37 AM, Nicolás wrote:
>> >> Hi,
>> >>
>> >> We're running oVirt 4.0.1.1 [1], and we're trying to grant a permission to
>> >> a
>> >> user on a VM. Thing is when we open the 'Permissions' subtab on that
>> >> VM,
>> >> we click on Add, the LDAP backend shows up but any value entered into
>> >> the search box returns nothing, even when I know the values exist.
>> >>
>> >> This has been working on oVirt 3.x, we actually migrated to 4.x last
>> >> week and didn't notice this issue.
>> >>
>> >> Additionally, there's no combobox to choose the permission to grant?
>> >
>> > There should be combo box to choose a role.
>>
>> I've attached a screenshot, seems there's not.
>
> Its highly likely the dropdown is there, but its scrolled below the bottom
> of the dialog and thus you can't see it. I thought I made sure all the
> dialogs were working, seems like I missed one. Let me check it out and see
> what is going on.
>
Okay I double checked, I went to the VMs main tab, selected a VM, then went to
the permissions sub tab. Clicked add. The dialog that popped up looks like the
one attached, which is what I was expecting. The one you attached appears to
be missing some styling, which is likely what caused the Role to Assign part
to be scrolled below the bottom of the page.
Can you complete clear your cache (not shift reload, but settings->clear
cache). If that doesn't work can you tell us the version of the patternfly rpm
installed on your engine?
Yes, I already did that, also opened the engine on different clients and the behavior is the same, I believe this is not a client issue. Patternfly package is patternfly1-1.3.0-1.el7.centos.noarch
Ok, this indeed seems like a graphics problem since I am seeing this connecting to a machine through a VNC server and the Role combobox is moved down out of the dialog.
However, the LDAP issue persists. When I choose the 'internal' domain, I can search the 'admin' user successfully, however, if I set it to be the LDAP domain, any search returns nothing.
Any hints or ideas how to debug this?
Can you please enable debug log[1] and send it here?
[1] https://github.com/oVirt/ovirt-engine-extension-aaa-ldap/blob/master/README#...
Thanks. I was now able to see why it is failing:
TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (default task-13) [] SearchRequest: Exception: LDAPSearchException(resultCode=11 (admin limit exceeded), numEntries=0, numReferences=0, errorMessage='admin limit exceeded')
This is server error, that number of entries to be returned is higher, than the limit set on server. You should either increase that limit server side, or don't use '*', but use some filter. ( ie. user* )
That's the problem, the patterns we enter in the search box are specific usernames that usually return only one or 2 results at most from the LDAP directory, that's why I think this filter is needlessly too broad in our case. I've been making the query more specific on the command line (i.e., using ldapsearch) and removing some of the OR (|) clauses seems to return a lower number of entries below the limit, that's why I asked if it's possible to manually specify the filter. Do you think it would be useful to open a RFE on BZ asking for a feature to allow the user specify the filter? I'll see what's the best way to workaround this problem as is, either defining a user and allowing them a higher number of returned results or increasing the limit on the server side. Thanks.
Indeed, if I run that query using the ldapsearch command I can clearly see it is returning an "admin limit exceeded" error.
The applied filter is: (&(objectClass=posixAccount)(uid=*)(|(givenName=username)(sn=username)(displayName=username)(uid=username)))
Strange thing is this hasn't been an issue on oVirt 3.6.x and we've not changed our LDAP configuration. Has the filter been changed in 4.x by default?
It didn't.
If so, is there a way to override the filter to make it simpler? (In our case we'll always seek by username, so no need to search by givenName, sn or displayName).
Filtering is constructed on client side, in this case ovirt-engine backend, so unfortunatelly it's not easilly modifiable.
Thanks.
Thanks.
Anyhow, I see there are lots of packages to update so I'll do so within a few days and report results.
>> >> All this is done with the admin@internal user, so I guess this is not
>> >> a
>> >> self-permission issue.
>> >>
>> >> Interesting thing is that I can successfully log-in to the user portal
>> >> with a LDAP based user and manage all the VMs assigned to them.
>> >>
>> >> Just to see if there's been any configuration change, we also run the
>> >> ovirt-engine-extension-aaa-ldap-setup tool, the configuration it
>> >> returns
>> >> is pretty similar to ours, and even the test commands (Login, Search)
>> >> work successfully (I can see search returning user's data like name,
>> >> surname, ...). We even applied this configuration to engine to see if
>> >> it
>> >> makes a difference but the result is the same, the search dialog
>> >> returns
>> >> nothing and neither I can see the permission to grant.
>> >>
>> >> Any hint about this?
>> >
>> > Maybe you hit similar issue to this one[1].
>> >
>> > Can you please share engine.log, while you hit search button?
>>
>> I'm also attaching the log at the time I hit the search button, but I'm
>> afraid there's no entry about that.
>>
>> Thanks.
>>
>> > [1] https [2]://bugzilla.redhat.com/show_bug.cgi?id=1356675 [2]
>> >
>> >> Thanks
>> >> _______________________________________________
>> >> Users mailing list
>> >> Users@ovirt.org
>> >> http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
>
> _______________________________________________
> Users mailing list
> Users@ovirt.org
> http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
_______________________________________________
Users mailing list
Users@ovirt.org
http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/ [3]users [3]
Links: ------ [1] http://4.0.1.1 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1356675 [3] http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
participants (4)
-
Alexander Wels -
nicolas@devels.es -
Nicolás
-
Ondra Machacek