5:07 p.m.
I've just upgraded our ovirt engine server to ovirt 4.6 and it appears
that LDAP logins no longer work. When I attempt to log in using an AD
account the following errors are shown in the engine log.
2018-09-11 10:03:44,610-04 ERROR
[org.ovirt.engine.core.sso.servlets.InteractiveAuthServlet] (default
task-10) [] Internal Server Error: Cannot locate principal
'username(a)example.com'
2018-09-11 10:03:44,610-04 ERROR
[org.ovirt.engine.core.sso.utils.SsoUtils] (default task-10) [] Cannot
locate principal 'username(a)example.com'
2018-09-11 10:03:44,645-04 ERROR
[org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default
task-10) [] server_error: Cannot locate principal 'username(a)example.com'
I have not changed any LDAP settings and ldapsearch is able to find this
object without any issues. Does anybody have any idea what would cause
this?
5:41 p.m.
New subject: LDAP authentication does not work after engine upgrade to ovirt 4.6
For those wondering, I was able to fix this by running
ovirt-engine-extension-aaa-ldap-setup and setting the CA certificate
method to "Insecure".
Please select method to obtain PEM encoded CA certificate (File, URL,
Inline, System, Insecure): Insecure
I was previously using "System" but that does not work despite our
internal CA being installed as a trusted certificate authority.
On 09/11/2018 10:07 AM, Michael Watters wrote:
I've just upgraded our ovirt engine server to ovirt 4.6 and it
appears
that LDAP logins no longer work. When I attempt to log in using an AD
account the following errors are shown in the engine log.
2018-09-11 10:03:44,610-04 ERROR
[org.ovirt.engine.core.sso.servlets.InteractiveAuthServlet] (default
task-10) [] Internal Server Error: Cannot locate principal
'username(a)example.com'
2018-09-11 10:03:44,610-04 ERROR
[org.ovirt.engine.core.sso.utils.SsoUtils] (default task-10) [] Cannot
locate principal 'username(a)example.com'
2018-09-11 10:03:44,645-04 ERROR
[org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default
task-10) [] server_error: Cannot locate principal 'username(a)example.com'
I have not changed any LDAP settings and ldapsearch is able to find this
object without any issues. Does anybody have any idea what would cause
this?
_______________________________________________
Users mailing list -- users(a)ovirt.org
To unsubscribe send an email to users-leave(a)ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/JRRXINSYZXL...
2260
days inactive
2260
days old
1 comments
1 participants
participants (1)
-
Michael Watters