10:17 a.m.
I have a fresh installation of a 4.5.1 hosted engine and the admin password I set during
the process isn't working. I reset the password for the admin user from a root shell
on the HE using the
ovirt-aaa-jdbc-tool utility and still no dice. I found a log file for "keycloak"
that I tailed while logging in and discovered that keycloak was denying me. I am not
familiar with keycloak at all. It appears as though I enabled keycloak during the
deployment.
Just a few quick answers may get me back to where I need to be:
1. How do I log into the web management portal ? Previously it was admin@internal and then
the password
2. If keycloak is looking for some kind of directory server outside of the engine I
don't have one, if the engine is the keycloak server what are my credentials for the
HE portal ?
3. Can I re-run engine-setup and turn Keycloak off so that I have internal based
authentication ?
Below is dump of my engine-setup command results:
Default SAN wipe after delete : False
Host FQDN : ovirtmgmt.mycompany.com
Firewall manager : firewalld
Update Firewall : True
Set up Cinderlib integration : False
Keycloak installation : True
Engine database host : localhost
Engine database port : 5432
Engine database secured connection : False
Engine database host name validation : False
Engine database name : engine
Engine database user name : engine
Engine installation : True
PKI organization : mycompany.com
Set up ovirt-provider-ovn : True
Grafana integration : True
Grafana database user name : ovirt_engine_history_grafana
Keycloak database host : localhost
Keycloak database port : 5432
Keycloak database secured connection : False
Keycloak database host name validation : False
Keycloak database name : ovirt_engine_keycloak
Keycloak database user name : ovirt_engine_keycloak
Configure VMConsole Proxy : True
Configure WebSocket Proxy : True
DWH installation : True
DWH database host : localhost
DWH database port : 5432
DWH database secured connection : False
DWH database host name validation : False
DWH database name : ovirt_engine_history
DWH database user name : ovirt_engine_history
Backup DWH database : True
10:31 a.m.
Below is a clip from keycloak.log:
2022-06-29 10:19:07,007-05 WARN [org.keycloak.events] (default task-1) []
type=LOGIN_ERROR, realmId=0dd6bd82-1891-4dd9-b3bd-9d06b10de669,
clientId=ovirt-engine-internal, userId=null, ipAddress=10.1.1.243, error=user_not_found,
auth_method=openid-connect, auth_type=code,
redirect_uri=https://ovirtmgmt.mycompany.com/ovirt-engine-grafana/login/g...,
code_id=3604ab03-f6ac-4c37-bc09-7b9134fab738, username=admin,
authSessionParentId=3604ab03-f6ac-4c37-bc09-7b9134fab738, authSessionTabId=aFumUTpYJd
And another one:
2022-06-29 10:07:54,551-05 WARN [org.keycloak.events] (default task-1) []
type=LOGIN_ERROR, realmId=0dd6bd82-1891-4dd9-b3bd-9d06b10de669,
clientId=ovirt-engine-internal, userId=null, ipAddress=10.1.1.243, error=user_not_found,
auth_method=openid-connect,
redirect_uri=https://ovirtmgmt.mycompany.com/ovirt-engine/callback,
code_id=3604ab03-f6ac-4c37-bc09-7b9134fab738, username=admin,
authSessionParentId=3604ab03-f6ac-4c37-bc09-7b9134fab738, authSessionTabId=xAhvvzLK6ZE
11:07 a.m.
Disregard this entry. I have solved my own problem by net research. It appears that the
default username has been changed from admin@internal to admin@ovirt.
1021
days inactive
1021
days old
2 comments
1 participants
participants (1)
-
Clint Boggio