12:35 p.m.
--_007_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_
Content-Type: multipart/related;
boundary="_006_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_";
type="multipart/alternative"
--_006_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_
Content-Type: multipart/alternative;
boundary="_000_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_"
--_000_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Hi all,
I'm trying to add a domain (active directory), but I can't get it to work.
The command I execute is:
rhevm-manage-domains -action=3Dadd -domain=3D'FPT.LOCAL'
-user=3D'fptadmin'=
-interactive
Attached you can find:
- Output of the command
- Logs from /var/log/rhevm/rhevm-manage-domains/rhevm-manage-domai=
ns.log
I found a RHEV KB saying:
For Error: LDAP query Failed, make sure the Active Directory server and the=
RHEVM server have the correct PTR records in the DNS reverse lookup zone f=
ile
And another one says:
It's required to create PTR entry into DNS for the following:
* Name Server (NS) - Start of Authority (SOA)
Example: WIN-TL8JB8JAG8.ad.mydomain.com.
* Active Directory Name
Example: ad.mydomain.com.
* RHEVM machine
Example: rhevm.ad.mydomain.com.
We are fulfilling this requirement, as nslookup of these 3 machines' IP wor=
k.
Additional info.
These commands work (if you need I can paste the full output):
#dig SRV _kerberos._tcp.FPT.LOCAL
#dig SRV _kerberos._udp.FPT.LOCAL
#dig SRV _ldap._tcp.FPT.LOCAL
# kinit fptadmin02(a)FPT.LOCAL
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: fptadmin02(a)FPT.LOCAL
Valid starting Expires Service principal
08/30/12 15:55:46 08/31/12 01:55:51 krbtgt/FPT.LOCAL(a)FPT.LOCAL
renew until 09/06/12 15:55:46
Thank you very much in advance
Alberto Scotto
[Blue]
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
________________________________
--
The information transmitted is intended for the person or entity to which i=
t is addressed and may contain confidential and/or privileged material. Any=
review, retransmission, dissemination or other use of, or taking of any ac=
tion in reliance upon, this information by persons or entities other than t=
he intended recipient is prohibited. If you received this in error, please =
contact the sender and delete the material from any computer.
--_000_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html <head <meta http-equiv=3D"Content-Type"
content=3D"text/html; charset=3Dus-ascii"=
<style <!--
@font-face
{font-family:Wingdings}
@font-face
{font-family:Wingdings}
@font-face
{font-family:Calibri}
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif"}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline}
p
{margin-right:0cm;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman","serif"}
code
{font-family:"Courier New"}
pre
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New"}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif"}
span.EmailStyle17
{font-family:"Calibri","sans-serif";
color:windowtext}
span.HTMLPreformattedChar
{font-family:"Courier New"}
.MsoChpDefault
{}
@page WordSection1
{margin:70.85pt 2.0cm 2.0cm 2.0cm}
div.WordSection1
{}
ol
{margin-bottom:0cm}
ul
{margin-bottom:0cm}
-- </style
</head <body lang=3D"IT"
link=3D"blue" vlink=3D"purple" <div
class=3D"WordSection1" <p
class=3D"MsoNormal"><span lang=3D"EN-US">Hi
all,</span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">I’m trying
to add a domai=
n (active directory), but I can’t get it to work.</span></p <p class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">The command I
execute is:</span=
></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">rhevm-manage-domains
-action=3D=
add -domain=3D'FPT.LOCAL' -user=3D'fptadmin'
–interactive</span></p <p
class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">Attached you can
find:</span></=
p <p class=3D"MsoListParagraph"
style=3D"text-indent:-18.0pt"><span lang=3D"E=
N-US"><span style=3D"">-<span style=3D"font:7.0pt
"Times New Roman&quo=
t;">
</span></span></span><span lang=3D"EN-US">Output of the
command</span></p <p
class=3D"MsoListParagraph" style=3D"text-indent:-18.0pt"><span
lang=3D"E=
N-US"><span style=3D"">-<span style=3D"font:7.0pt
"Times New Roman&quo=
t;">
</span></span></span><span lang=3D"EN-US">Logs from
/var/log/rhevm/rhevm-ma=
nage-domains/rhevm-manage-domains.log</span></p <p
class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p <p
class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">I found a RHEV KB
saying: </spa=
n></p <p
class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">For
<strong><span style=3D"font=
-family:"Calibri","sans-serif"">Error: LDAP
query Faile=
d</span></strong>, make sure the Active Directory server
<strong><span
style=3D"font-family:"Calibri","sans-serif&quo=
t;">and</span></strong> the RHEVM server have the correct PTR records
in th=
e DNS reverse lookup zone file</span></p <p
class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">And another one
says:</span></p=
<p><span lang=3D"EN-US">It's required
to create PTR entry into DNS for the =
following:</span></p <p
style=3D"margin-left:36.0pt; text-indent:-18.0pt"><span
lang=3D"EN-US" s=
tyle=3D"font-size:10.0pt; font-family:Symbol"><span
style=3D"">·<spa=
n style=3D"font:7.0pt "Times New
Roman""> =
</span></span></span><span lang=3D"EN-US">Name Server
(NS) - Start of Autho=
rity (SOA)<br Example:
WIN-TL8JB8JAG8.ad.mydomain.com.</span></p <p
style=3D"margin-left:36.0pt; text-indent:-18.0pt"><span
lang=3D"EN-US" s=
tyle=3D"font-size:10.0pt; font-family:Symbol"><span
style=3D"">·<spa=
n style=3D"font:7.0pt "Times New
Roman""> =
</span></span></span><span lang=3D"EN-US">Active
Directory Name<br Example:
ad.mydomain.com.</span></p <p
style=3D"margin-left:36.0pt; text-indent:-18.0pt"><span
lang=3D"EN-US" s=
tyle=3D"font-size:10.0pt; font-family:Symbol"><span
style=3D"">·<spa=
n style=3D"font:7.0pt "Times New
Roman""> =
</span></span></span><span lang=3D"EN-US">RHEVM
machine<br Example:
rhevm.ad.mydomain.com.</span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">We are fulfilling
this requirem=
ent, as nslookup of these 3 machines’ IP work.</span></p <p class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">Additional
info.</span></p <p
class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US">These commands work
(if you nee=
d I can paste the full output):</span></p <p
class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p
<pre><code><span lang=3D"EN-US">#dig SRV
_kerberos._tcp.FPT.LOCAL</span></c=
ode></pre <pre><code><span
lang=3D"EN-US">#dig SRV _kerberos._udp.FPT.LOCAL</span></c=
ode></pre <pre><code><span
lang=3D"EN-US">#dig SRV _ldap._tcp.FPT.LOCAL</span></code>=
<span lang=3D"EN-US"></span></pre <p
class=3D"MsoNormal"><span
lang=3D"EN-US"> </span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"font-size:10.0pt; font=
-family:"Courier New""># kinit
fptadmin02(a)FPT.LOCAL</span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"font-size:10.0pt; font=
-family:"Courier New""># klist</span></p <p class=3D"MsoNormal"><span
lang=3D"EN-US" style=3D"font-size:10.0pt; font=
-family:"Courier New"">Ticket cache:
FILE:/tmp/krb5cc_0</span></p=
<p class=3D"MsoNormal"><span
lang=3D"EN-US" style=3D"font-size:10.0pt; font=
-family:"Courier New"">Default principal:
fptadmin02(a)FPT.LOCAL</s=
pan></p <p
class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"font-size:10.0pt; font=
-family:"Courier New""> </span></p <p class=3D"MsoNormal"><span
lang=3D"EN-US" style=3D"font-size:10.0pt; font=
-family:"Courier New"">Valid
starting Exp=
ires
Serv=
ice principal</span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"font-size:10.0pt; font=
-family:"Courier New"">08/30/12 15:55:46 08/31/12
01:55:51&=
nbsp; krbtgt/FPT.LOCAL(a)FPT.LOCAL</span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"font-size:10.0pt; font=
-family:"Courier
New""> =
renew until 09/06/12 15:55:46</span></p <p
class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"font-size:10.0pt; font=
-family:"Courier New""> </span></p <p class=3D"MsoNormal"><span
lang=3D"EN-US" style=3D"font-size:10.0pt; font=
-family:"Courier New""> </span></p <p class=3D"MsoNormal"><span
lang=3D"EN-US">Thank you very much in advance<=
/span></p </div <br <br <div
align=3D"left" <p
style=3D"font-family:Calibri,Sans-Serif; font-size:10pt"><span
style=3D"=
color:#000000; font-weight:bold">Alberto Scotto</span <span
style=3D"color:#808080"></span><br
<br <span
style=3D"color:#000000"><img border=3D"0" alt=3D"Blue"
src=3D"cid:d82=
1ce0543394a2e81b51ca3e6032148" style=3D"margin:0px" </span><br <span
style=3D"color:#808080">Via Cardinal Massaia, 83<br 10147 - Torino - ITALY <br phone:
+39 011 29100 <br <a
href=3D"al.scotto(a)reply.it" target=3D"" style=3D"color:blue;
text-decora=
tion:underline">al.scotto@reply.it</a
<br <a title=3D""
href=3D"www.reply.it" target=3D"" style=3D"color:blue; text-d=
ecoration:underline">www.reply.it</a
</span><br </p </div
<br <hr <font
face=3D"Arial" color=3D"Gray" size=3D"1"><br --<br The
information transmitted is intended for the person or entity to which i=
t is addressed and may contain confidential and/or privileged material. Any=
review, retransmission, dissemination or other use of, or taking of any ac=
tion in reliance upon, this information
by persons or entities other than the intended recipient is prohibited. If=
you received this in error, please contact the sender and delete the mater=
ial from any computer.<br </font </body
</html
--_000_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_--
--_006_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_
Content-Type: image/png; name="blue.png"
Content-Description: blue.png
Content-Disposition: inline; filename="blue.png"; size=2834;
creation-date="Fri, 31 Aug 2012 09:35:03 GMT";
modification-date="Fri, 31 Aug 2012 09:35:03 GMT"
Content-ID: <d821ce0543394a2e81b51ca3e6032148
Content-Transfer-Encoding: base64
iVBORw0KGgoAAAANSUhEUgAAAIwAAAAyCAYAAACOADM7AAAABmJLR0QA/gD+AP7rGNSCAAAACXBI
WXMAAA3XAAAN1wFCKJt4AAAACXZwQWcAAACMAAAAMgCR0D3bAAAKaUlEQVR42u2ce5AUxRnAf313
3Al4eCAYFaIgyMNEUF6KlYoVIDBArDxqopWxQgViQlWsPHA0MUlZVoyKRsdSE4lGomjIaHS0UlHL
wTIPpEgQFQUUjYIWdfIIScyBHi/Z6/zRM1xP3yzs7t3unOX8qra2H9M9vb3f9Pf19/WukFKSk1Mq
dVkPIOejRS4wOWXR6wVGuP5I4foDsh5HjkL0VhtGuP5A4CFgNrAD+Lb0nKeyHtfHnd68wixGCQvA
qcA9wvWPy3pQH3caan1D4fonAYeBDwEZjaFflAaok56zHRhsNG0B+gAHSrhHarn0nFp/3NLnxbKP
B06I5kECO2UYZD2sLtRcYIBJwK+BoYBACU89cAjoAIRw/TuAJcClQGy//FJ6zvvH6ly4/qXAz4vU
HQA2A4H0nIcz+OxH41eAHaU3AhdkPaA0MrFhhOuPB2YA5wBnA6ehni5dgKcBu4C5wLZS7Rfh+g8A
80u49HHgEuk5h2s+AeaYLbsO2AKMiIqWyzBYkPW40shihUF6zkbUUwSAcP0G4FHgS9pl10rPmQMs
LbXfSBVNLPHyrwDfBO7JYg4MRqEempjnsh5QMXqL0Xsl8EUt3w5cXUE/w4AztfzzwGSUGrwoyuvM
yfqDR5yLUssxL2U9oGJkssLoCNdfjLJXdBZIz9lQQXcTgSYt/4z0nHjy1wvX3wW8oNX3O8q4TgKm
AGegjNB/As9JzzmYer1lTwKGoOyyV2UYtArLngLMQ9lh64EVRQxZ3V5pje4V9zsVGBRl22QYrDXu
e0HUvwD+K8NgXbe/lKOQqcAI178MuM0ovk16zqMVdjnNyL9g5E2DrTVlTP1RRvM3gIFG9RvC9RdK
z/lHoo2yQQJgeFR0hbDsT6FUns544Icp456qpV+RYaAL5RJgepR+FWXzxfcdA6zRrr0SqKrAZKaS
hOt/DbjXKH5Geo7bjW71iT8AvGLUzzXyfzfGNBBlPyymq7AAjAWeFK5/slE+AvhklC4At6KEZb9x
3cJo+9x5T8s+ERinFa012uzU0vuMuu9r6W3AXd2Yu5LIRGCE618E/D6l6rpu9Hk8MEEr2iQ9p1Wr
n4wShJgPgCeMbh6g02jeB9wILASe1q4ZBHzBaDeRThukHghRdskoQF+NmlH+JJ0JqB1ijCkw72np
jiOfx7JPQrkdYm6QYXBMH1V3qYlKEq7fhNLvw1CTeztK55rcJlz/s8XshGPwaeBELd8sXP961Bd4
Bsqo1u2bm6Tn7NbGeCHKMI6ZLz3nsajuT6gtfjxfpxr31lXhThkG8470a9mrtPp2uq4652np94FN
Rr0uMM1a+jI6fVTvAMsrmLOy6VGBEa5fB3wOpctHaK9TgVOAxmN0MRXlwPpWBbefYuTHAj8tcu39
0nNuMMq+qqXfjoUl4mSSq/HbRlv9S3/ZqBumpXcB/zPqz9fSm2UY/Nuo1wWmCUBYdiPwHa3ck2Hw
YQVzVjbVWGFmkW7YmewDfga8CNwHnB6VXyZcf7X0nAfLvG8pntE3gSXSc5an1Olf+hDh+i+jVieJ
UiOxwBSiMQMgLLsFOEtr+7xWB8rQjdkgw0BXK40o1RWTZrDu0dKx0X4xylMOynZZVuZcVUyPCoz0
nA7gR8L1N6FWmQIqZtRGpwoSwF7gRek5WwCE658P3A9Y0TV3C9ffUOrWOlrZdIfdXuBhlCqaqZU/
myYs0RZaNzybUV7oNFqBt7T8BJJ2iW6zDAPGFKkDGE1yBTLtF0gKTCF6/4FWtsTYVVWVqtgw0nNW
lHn9LmCOcP2bgKuAvsAtqNWqFGLVF7NGes4i4fpjgNfpFNbzi7QfD/TX8vtQMa40VkvPKWh5fWfW
DuhCfg5Ju8nc5k/RxpZYuTR0gWkTlj0D5YgEeJca2S4xvcXTC4D0nKvpdNWXc2hqEiqSHROrhR0k
bYAzhesPTmmvG61tKAE6PXoNRRnTg6OX6VvRhfB1GQa7tbyu5v6D8qNQpH4bsDVlbLrADACu0fK/
qOXqAr1MYCLip7AcI+48I78WIIpuv6mVN5NUPWntN0nP2So9p016ThtwEKU6RpIMOyAsuw9JVWiu
INO19AYZBma0fbKWXi/DoEBX9tBpu4wDLozS2+jqx6o6vVFgYt+JKKON/pTvJ6kWzKc6LTg5XEtv
MeruAF5DqbZVgH6IayTJoOHf4oSw7LNICuKTeqfCsj9BUnhN+yamPXqZc3JrLfwuJpnHklKIBaa+
lIuF67eQ3KW8HtlEMabhPCmlG/3JnhX5ZHaifDeLtLqlxpmcySQfuvnCstdH6WXaZ9iPMsJ1xpOM
ZaXZL6DsqfcB3UO8A7WzrDm9T2DqG7dTOHSIEgUGIc5GyhatZJ1Rv4HkmZ/xKb08o5UPRa0UkuQT
vY6uQVJTFc5D7fQ6SNpUN8ow2GVcq7sB2ugq2DGHUYfLdG6SYbCPDMhcYIRlJwWjcGg/Z1/yATBE
zJxXT0Pf4o0P7pWcO39W4nuVHS+JGfPq6dMXOjpgzNyt9En0MUF877fDee3x1iPlo2beTOPxnwGh
qzahuhUAjwCLpOeYKkDfIT2BUl1XkxT2+2QYXJ8yen0H+JYMgz2kY9o126mh38UkITBRYGwp5e1Q
usNjwL/Ql3VRX2D35mUI0UB90wyOZmc19i+wa+NB+vTrnMA9re00RO3q6iRbVtYxeOzt1NXHS3od
e96dRkPT6CN9v/HUIRr738Dg0bMRDSdQVzeAjsJh+ra8SfMpf5S3XNzFoSYsewhJVbhKhoEnLDtE
HV4vRGXPprQFFTdrRklk2u4opoVkyMOTYbCfjEgc0RSWPQhlQ/SruMfymCrD4IXud1N7In+ILgzT
ZRj8tYfvcSLwOzoPer0DjKv1VlrHVEltqBhMafZD99mR1QfvAXT1tYfiNkhZCMvuD1yLCtbORsXg
Yi7PUljAEJgoztFaYV8fN8yg4XsV95TkLJS32+QaGQZPl9tZT5O50ftRJLL1Pq8V9cjqEjHdyG8D
rpdhkJmhq5MLTGX0QR2diLdnYQ/2vRq1wsRe6nUyDNq712XP0Wt/W53TO+mNoYGcXkwuMDll0eM2
TPRbnGnAvaaDSVj2bOA0GQY1j7Lm9AzVWGG+jIrwphlH3wXuzvpD51RONXZJ7aizLFcIyx4O3CXD
IN527kUdJAJAWPbFqBXnVmHZV6FO3K+I6oahzgYPAX7T017UnMqoxgpTQAniONRJ/AeFZRc72+IA
P47SPwEWAAjLbgL+jPJ1NAF/EZZd6o/sc6pINQSmARAyDL6OOm45mmSoX+cDVDiC6D0+azI0arcS
FSkG9fcgORlTbcfdXtR5jqOdnpPGO3QK8nzU33KsoutvgXIyoBorjP7FN6OEsph3sE6rq9fS8RmQ
RTIMTgP+QPJsbk5GVENgjgMQlv0QcDnwBp0nxgaQ/O+6dmCUsOxHUGdj459kbI/a3Sksew3qjE5L
1pOVUx2VtBJljxxAhf3v0v4TZRnKmI25ObruLdTZkvcAZBgcEpY9E3BRu6TrZBisznqycvJYUk6Z
5KGBnLLIBSanLHKBySmLXGByyiIXmJyy+D/P9uGVPOu6DAAAACh6VFh0U29mdHdhcmUAAHja801M
LsrPTU3JTFRwyyxKLc8vyi5WsAAAYBUIJ4KDNosAAAAASUVORK5CYII=
--_006_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_--
--_007_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_
Content-Type: text/plain; name="manage-domains add output.txt"
Content-Description: manage-domains add output.txt
Content-Disposition: attachment; filename="manage-domains add output.txt";
size=8707; creation-date="Thu, 30 Aug 2012 15:49:48 GMT";
modification-date="Thu, 30 Aug 2012 15:49:48 GMT"
Content-Transfer-Encoding: base64
77u/W3Jvb3RAcGl0dG9yMDZ2aHhkMDEwIH5dIyByaGV2bS1tYW5hZ2UtZG9tYWlucyAtYWN0aW9u
PWFkZCAtZG9tYWluPSdmcHQubG9jYWwnIC11c2VyPSdmcHRhZG1pbjAyJyAtaW50ZXJhY3RpdmUK
RW50ZXIgcGFzc3dvcmQ6CgpqYXZheC5uYW1pbmcuQXV0aGVudGljYXRpb25FeGNlcHRpb246IEdT
U0FQSSBbUm9vdCBleGNlcHRpb24gaXMgamF2YXguc2VjdXJpdHkuc2FzbC5TYXNsRXhjZXB0aW9u
OiBHU1MgaW5pdGlhdGUgZmFpbGVkIFtDYXVzZWQgYnkgR1NTRXhjZXB0aW9uOiBObyB2YWxpZCBj
cmVkZW50aWFscyBwcm92aWRlZCAoTWVjaGFuaXNtIGxldmVsOiBTZXJ2ZXIgbm90IGZvdW5kIGlu
IEtlcmJlcm9zIGRhdGFiYXNlICg3KSldXQogICAgICAgIGF0IGNvbS5zdW4uam5kaS5sZGFwLnNh
c2wuTGRhcFNhc2wuc2FzbEJpbmQoTGRhcFNhc2wuamF2YToxNTApCiAgICAgICAgYXQgY29tLnN1
bi5qbmRpLmxkYXAuTGRhcENsaWVudC5hdXRoZW50aWNhdGUoTGRhcENsaWVudC5qYXZhOjIxMikK
ICAgICAgICBhdCBjb20uc3VuLmpuZGkubGRhcC5MZGFwQ3R4LmNvbm5lY3QoTGRhcEN0eC5qYXZh
OjI3MjApCiAgICAgICAgYXQgY29tLnN1bi5qbmRpLmxkYXAuTGRhcEN0eC48aW5pdD4oTGRhcEN0
eC5qYXZhOjI5NikKICAgICAgICBhdCBjb20uc3VuLmpuZGkubGRhcC5MZGFwQ3R4RmFjdG9yeS5n
ZXRVc2luZ1VSTChMZGFwQ3R4RmFjdG9yeS5qYXZhOjE3NSkKICAgICAgICBhdCBjb20uc3VuLmpu
ZGkubGRhcC5MZGFwQ3R4RmFjdG9yeS5nZXRVc2luZ1VSTHMoTGRhcEN0eEZhY3RvcnkuamF2YTox
OTMpCiAgICAgICAgYXQgY29tLnN1bi5qbmRpLmxkYXAuTGRhcEN0eEZhY3RvcnkuZ2V0TGRhcEN0
eEluc3RhbmNlKExkYXBDdHhGYWN0b3J5LmphdmE6MTM2KQogICAgICAgIGF0IGNvbS5zdW4uam5k
aS5sZGFwLkxkYXBDdHhGYWN0b3J5LmdldEluaXRpYWxDb250ZXh0KExkYXBDdHhGYWN0b3J5Lmph
dmE6NjYpCiAgICAgICAgYXQgamF2YXgubmFtaW5nLnNwaS5OYW1pbmdNYW5hZ2VyLmdldEluaXRp
YWxDb250ZXh0KE5hbWluZ01hbmFnZXIuamF2YTo2NjcpCiAgICAgICAgYXQgamF2YXgubmFtaW5n
LkluaXRpYWxDb250ZXh0LmdldERlZmF1bHRJbml0Q3R4KEluaXRpYWxDb250ZXh0LmphdmE6Mjg4
KQogICAgICAgIGF0IGphdmF4Lm5hbWluZy5Jbml0aWFsQ29udGV4dC5pbml0KEluaXRpYWxDb250
ZXh0LmphdmE6MjIzKQogICAgICAgIGF0IGphdmF4Lm5hbWluZy5Jbml0aWFsQ29udGV4dC48aW5p
dD4oSW5pdGlhbENvbnRleHQuamF2YToxOTcpCiAgICAgICAgYXQgamF2YXgubmFtaW5nLmRpcmVj
dG9yeS5Jbml0aWFsRGlyQ29udGV4dC48aW5pdD4oSW5pdGlhbERpckNvbnRleHQuamF2YTo4MikK
ICAgICAgICBhdCBvcmcub3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2VyYmVyb3MuSm5kaUFjdGlv
bi5ydW4oSm5kaUFjdGlvbi5qYXZhOjc5KQogICAgICAgIGF0IGphdmEuc2VjdXJpdHkuQWNjZXNz
Q29udHJvbGxlci5kb1ByaXZpbGVnZWQoTmF0aXZlIE1ldGhvZCkKICAgICAgICBhdCBqYXZheC5z
ZWN1cml0eS5hdXRoLlN1YmplY3QuZG9BcyhTdWJqZWN0LmphdmE6MzM3KQogICAgICAgIGF0IG9y
Zy5vdmlydC5lbmdpbmUuY29yZS51dGlscy5rZXJiZXJvcy5LZXJiZXJvc0NvbmZpZ0NoZWNrLnBy
b21wdFN1Y2Nlc3NmdWxBdXRoZW50aWNhdGlvbihLZXJiZXJvc0NvbmZpZ0NoZWNrLmphdmE6MTc0
KQogICAgICAgIGF0IG9yZy5vdmlydC5lbmdpbmUuY29yZS51dGlscy5rZXJiZXJvcy5LZXJiZXJv
c0NvbmZpZ0NoZWNrLnZhbGlkYXRlS2VyYmVyb3NJbnN0YWxsYXRpb24oS2VyYmVyb3NDb25maWdD
aGVjay5qYXZhOjE1NCkKICAgICAgICBhdCBvcmcub3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2Vy
YmVyb3MuS2VyYmVyb3NDb25maWdDaGVjay5jaGVja0luc3RhbGxhdGlvbihLZXJiZXJvc0NvbmZp
Z0NoZWNrLmphdmE6MTQwKQogICAgICAgIGF0IG9yZy5vdmlydC5lbmdpbmUuY29yZS51dGlscy5r
ZXJiZXJvcy5NYW5hZ2VEb21haW5zLmNoZWNrS2VyYmVyb3NDb25maWd1cmF0aW9uKE1hbmFnZURv
bWFpbnMuamF2YTo1NjApCiAgICAgICAgYXQgb3JnLm92aXJ0LmVuZ2luZS5jb3JlLnV0aWxzLmtl
cmJlcm9zLk1hbmFnZURvbWFpbnMudGVzdENvbmZpZ3VyYXRpb24oTWFuYWdlRG9tYWlucy5qYXZh
OjcwNikKICAgICAgICBhdCBvcmcub3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2VyYmVyb3MuTWFu
YWdlRG9tYWlucy5hZGREb21haW4oTWFuYWdlRG9tYWlucy5qYXZhOjQwMSkKICAgICAgICBhdCBv
cmcub3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2VyYmVyb3MuTWFuYWdlRG9tYWlucy5ydW5Db21t
YW5kKE1hbmFnZURvbWFpbnMuamF2YToyMzIpCiAgICAgICAgYXQgb3JnLm92aXJ0LmVuZ2luZS5j
b3JlLnV0aWxzLmtlcmJlcm9zLk1hbmFnZURvbWFpbnMubWFpbihNYW5hZ2VEb21haW5zLmphdmE6
MTYwKQpDYXVzZWQgYnk6IGphdmF4LnNlY3VyaXR5LnNhc2wuU2FzbEV4Y2VwdGlvbjogR1NTIGlu
aXRpYXRlIGZhaWxlZCBbQ2F1c2VkIGJ5IEdTU0V4Y2VwdGlvbjogTm8gdmFsaWQgY3JlZGVudGlh
bHMgcHJvdmlkZWQgKE1lY2hhbmlzbSBsZXZlbDogU2VydmVyIG5vdCBmb3VuZCBpbiBLZXJiZXJv
cyBkYXRhYmFzZSAoNykpXQogICAgICAgIGF0IGNvbS5zdW4uc2VjdXJpdHkuc2FzbC5nc3NrZXJi
Lkdzc0tyYjVDbGllbnQuZXZhbHVhdGVDaGFsbGVuZ2UoR3NzS3JiNUNsaWVudC5qYXZhOjE5NCkK
ICAgICAgICBhdCBjb20uc3VuLmpuZGkubGRhcC5zYXNsLkxkYXBTYXNsLnNhc2xCaW5kKExkYXBT
YXNsLmphdmE6MTA1KQogICAgICAgIC4uLiAyMyBtb3JlCkNhdXNlZCBieTogR1NTRXhjZXB0aW9u
OiBObyB2YWxpZCBjcmVkZW50aWFscyBwcm92aWRlZCAoTWVjaGFuaXNtIGxldmVsOiBTZXJ2ZXIg
bm90IGZvdW5kIGluIEtlcmJlcm9zIGRhdGFiYXNlICg3KSkKICAgICAgICBhdCBzdW4uc2VjdXJp
dHkuamdzcy5rcmI1LktyYjVDb250ZXh0LmluaXRTZWNDb250ZXh0KEtyYjVDb250ZXh0LmphdmE6
NjYzKQogICAgICAgIGF0IHN1bi5zZWN1cml0eS5qZ3NzLkdTU0NvbnRleHRJbXBsLmluaXRTZWND
b250ZXh0KEdTU0NvbnRleHRJbXBsLmphdmE6MjMwKQogICAgICAgIGF0IHN1bi5zZWN1cml0eS5q
Z3NzLkdTU0NvbnRleHRJbXBsLmluaXRTZWNDb250ZXh0KEdTU0NvbnRleHRJbXBsLmphdmE6MTYy
KQogICAgICAgIGF0IGNvbS5zdW4uc2VjdXJpdHkuc2FzbC5nc3NrZXJiLkdzc0tyYjVDbGllbnQu
ZXZhbHVhdGVDaGFsbGVuZ2UoR3NzS3JiNUNsaWVudC5qYXZhOjE3NSkKICAgICAgICAuLi4gMjQg
bW9yZQpDYXVzZWQgYnk6IEtyYkV4Y2VwdGlvbjogU2VydmVyIG5vdCBmb3VuZCBpbiBLZXJiZXJv
cyBkYXRhYmFzZSAoNykKICAgICAgICBhdCBzdW4uc2VjdXJpdHkua3JiNS5LcmJUZ3NSZXAuPGlu
aXQ+KEtyYlRnc1JlcC5qYXZhOjYxKQogICAgICAgIGF0IHN1bi5zZWN1cml0eS5rcmI1LktyYlRn
c1JlcS5nZXRSZXBseShLcmJUZ3NSZXEuamF2YToxODUpCiAgICAgICAgYXQgc3VuLnNlY3VyaXR5
LmtyYjUuaW50ZXJuYWwuQ3JlZGVudGlhbHNVdGlsLnNlcnZpY2VDcmVkcyhDcmVkZW50aWFsc1V0
aWwuamF2YToyOTQpCiAgICAgICAgYXQgc3VuLnNlY3VyaXR5LmtyYjUuaW50ZXJuYWwuQ3JlZGVu
dGlhbHNVdGlsLmFjcXVpcmVTZXJ2aWNlQ3JlZHMoQ3JlZGVudGlhbHNVdGlsLmphdmE6MTA2KQog
ICAgICAgIGF0IHN1bi5zZWN1cml0eS5rcmI1LkNyZWRlbnRpYWxzLmFjcXVpcmVTZXJ2aWNlQ3Jl
ZHMoQ3JlZGVudGlhbHMuamF2YTo1NTcpCiAgICAgICAgYXQgc3VuLnNlY3VyaXR5Lmpnc3Mua3Ji
NS5LcmI1Q29udGV4dC5pbml0U2VjQ29udGV4dChLcmI1Q29udGV4dC5qYXZhOjU5NCkKICAgICAg
ICAuLi4gMjcgbW9yZQpDYXVzZWQgYnk6IEtyYkV4Y2VwdGlvbjogSWRlbnRpZmllciBkb2Vzbid0
IG1hdGNoIGV4cGVjdGVkIHZhbHVlICg5MDYpCiAgICAgICAgYXQgc3VuLnNlY3VyaXR5LmtyYjUu
aW50ZXJuYWwuS0RDUmVwLmluaXQoS0RDUmVwLmphdmE6MTMzKQogICAgICAgIGF0IHN1bi5zZWN1
cml0eS5rcmI1LmludGVybmFsLlRHU1JlcC5pbml0KFRHU1JlcC5qYXZhOjU4KQogICAgICAgIGF0
IHN1bi5zZWN1cml0eS5rcmI1LmludGVybmFsLlRHU1JlcC48aW5pdD4oVEdTUmVwLmphdmE6NTMp
CiAgICAgICAgYXQgc3VuLnNlY3VyaXR5LmtyYjUuS3JiVGdzUmVwLjxpbml0PihLcmJUZ3NSZXAu
amF2YTo0NikKICAgICAgICAuLi4gMzIgbW9yZQpFcnJvcjogTERBUCBxdWVyeSBGYWlsZWQuIEVy
cm9yIGluIEROUyBjb25maWd1cmF0aW9uLiBQbGVhc2UgdmVyaWZ5IHRoZSBSSEVWIE1hbmFnZXIg
aG9zdCBoYXMgYSB2YWxpZCByZXZlcnNlIEROUyAoUFRSKSByZWNvcmQuCmphdmF4Lm5hbWluZy5B
dXRoZW50aWNhdGlvbkV4Y2VwdGlvbjogR1NTQVBJIFtSb290IGV4Y2VwdGlvbiBpcyBqYXZheC5z
ZWN1cml0eS5zYXNsLlNhc2xFeGNlcHRpb246IEdTUyBpbml0aWF0ZSBmYWlsZWQgW0NhdXNlZCBi
eSBHU1NFeGNlcHRpb246IE5vIHZhbGlkIGNyZWRlbnRpYWxzIHByb3ZpZGVkIChNZWNoYW5pc20g
bGV2ZWw6IFNlcnZlciBub3QgZm91bmQgaW4gS2VyYmVyb3MgZGF0YWJhc2UgKDcpKV1dCiAgICAg
ICAgYXQgY29tLnN1bi5qbmRpLmxkYXAuc2FzbC5MZGFwU2FzbC5zYXNsQmluZChMZGFwU2FzbC5q
YXZhOjE1MCkKICAgICAgICBhdCBjb20uc3VuLmpuZGkubGRhcC5MZGFwQ2xpZW50LmF1dGhlbnRp
Y2F0ZShMZGFwQ2xpZW50LmphdmE6MjEyKQogICAgICAgIGF0IGNvbS5zdW4uam5kaS5sZGFwLkxk
YXBDdHguY29ubmVjdChMZGFwQ3R4LmphdmE6MjcyMCkKICAgICAgICBhdCBjb20uc3VuLmpuZGku
bGRhcC5MZGFwQ3R4Ljxpbml0PihMZGFwQ3R4LmphdmE6Mjk2KQogICAgICAgIGF0IGNvbS5zdW4u
am5kaS5sZGFwLkxkYXBDdHhGYWN0b3J5LmdldFVzaW5nVVJMKExkYXBDdHhGYWN0b3J5LmphdmE6
MTc1KQogICAgICAgIGF0IGNvbS5zdW4uam5kaS5sZGFwLkxkYXBDdHhGYWN0b3J5LmdldFVzaW5n
VVJMcyhMZGFwQ3R4RmFjdG9yeS5qYXZhOjE5MykKICAgICAgICBhdCBjb20uc3VuLmpuZGkubGRh
cC5MZGFwQ3R4RmFjdG9yeS5nZXRMZGFwQ3R4SW5zdGFuY2UoTGRhcEN0eEZhY3RvcnkuamF2YTox
MzYpCiAgICAgICAgYXQgY29tLnN1bi5qbmRpLmxkYXAuTGRhcEN0eEZhY3RvcnkuZ2V0SW5pdGlh
bENvbnRleHQoTGRhcEN0eEZhY3RvcnkuamF2YTo2NikKICAgICAgICBhdCBqYXZheC5uYW1pbmcu
c3BpLk5hbWluZ01hbmFnZXIuZ2V0SW5pdGlhbENvbnRleHQoTmFtaW5nTWFuYWdlci5qYXZhOjY2
NykKICAgICAgICBhdCBqYXZheC5uYW1pbmcuSW5pdGlhbENvbnRleHQuZ2V0RGVmYXVsdEluaXRD
dHgoSW5pdGlhbENvbnRleHQuamF2YToyODgpCiAgICAgICAgYXQgamF2YXgubmFtaW5nLkluaXRp
YWxDb250ZXh0LmluaXQoSW5pdGlhbENvbnRleHQuamF2YToyMjMpCiAgICAgICAgYXQgamF2YXgu
bmFtaW5nLkluaXRpYWxDb250ZXh0Ljxpbml0PihJbml0aWFsQ29udGV4dC5qYXZhOjE5NykKICAg
ICAgICBhdCBqYXZheC5uYW1pbmcuZGlyZWN0b3J5LkluaXRpYWxEaXJDb250ZXh0Ljxpbml0PihJ
bml0aWFsRGlyQ29udGV4dC5qYXZhOjgyKQogICAgICAgIGF0IG9yZy5vdmlydC5lbmdpbmUuY29y
ZS51dGlscy5rZXJiZXJvcy5KbmRpQWN0aW9uLnJ1bihKbmRpQWN0aW9uLmphdmE6NzkpCiAgICAg
ICAgYXQgamF2YS5zZWN1cml0eS5BY2Nlc3NDb250cm9sbGVyLmRvUHJpdmlsZWdlZChOYXRpdmUg
TWV0aG9kKQogICAgICAgIGF0IGphdmF4LnNlY3VyaXR5LmF1dGguU3ViamVjdC5kb0FzKFN1Ympl
Y3QuamF2YTozMzcpCiAgICAgICAgYXQgb3JnLm92aXJ0LmVuZ2luZS5jb3JlLnV0aWxzLmtlcmJl
cm9zLktlcmJlcm9zQ29uZmlnQ2hlY2sucHJvbXB0U3VjY2Vzc2Z1bEF1dGhlbnRpY2F0aW9uKEtl
cmJlcm9zQ29uZmlnQ2hlY2suamF2YToxNzQpCiAgICAgICAgYXQgb3JnLm92aXJ0LmVuZ2luZS5j
b3JlLnV0aWxzLmtlcmJlcm9zLktlcmJlcm9zQ29uZmlnQ2hlY2sudmFsaWRhdGVLZXJiZXJvc0lu
c3RhbGxhdGlvbihLZXJiZXJvc0NvbmZpZ0NoZWNrLmphdmE6MTU0KQogICAgICAgIGF0IG9yZy5v
dmlydC5lbmdpbmUuY29yZS51dGlscy5rZXJiZXJvcy5LZXJiZXJvc0NvbmZpZ0NoZWNrLmNoZWNr
SW5zdGFsbGF0aW9uKEtlcmJlcm9zQ29uZmlnQ2hlY2suamF2YToxNDApCiAgICAgICAgYXQgb3Jn
Lm92aXJ0LmVuZ2luZS5jb3JlLnV0aWxzLmtlcmJlcm9zLk1hbmFnZURvbWFpbnMuY2hlY2tLZXJi
ZXJvc0NvbmZpZ3VyYXRpb24oTWFuYWdlRG9tYWlucy5qYXZhOjU2MCkKICAgICAgICBhdCBvcmcu
b3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2VyYmVyb3MuTWFuYWdlRG9tYWlucy50ZXN0Q29uZmln
dXJhdGlvbihNYW5hZ2VEb21haW5zLmphdmE6NzA2KQogICAgICAgIGF0IG9yZy5vdmlydC5lbmdp
bmUuY29yZS51dGlscy5rZXJiZXJvcy5NYW5hZ2VEb21haW5zLmFkZERvbWFpbihNYW5hZ2VEb21h
aW5zLmphdmE6NDAxKQogICAgICAgIGF0IG9yZy5vdmlydC5lbmdpbmUuY29yZS51dGlscy5rZXJi
ZXJvcy5NYW5hZ2VEb21haW5zLnJ1bkNvbW1hbmQoTWFuYWdlRG9tYWlucy5qYXZhOjIzMikKICAg
ICAgICBhdCBvcmcub3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2VyYmVyb3MuTWFuYWdlRG9tYWlu
cy5tYWluKE1hbmFnZURvbWFpbnMuamF2YToxNjApCkNhdXNlZCBieTogamF2YXguc2VjdXJpdHku
c2FzbC5TYXNsRXhjZXB0aW9uOiBHU1MgaW5pdGlhdGUgZmFpbGVkIFtDYXVzZWQgYnkgR1NTRXhj
ZXB0aW9uOiBObyB2YWxpZCBjcmVkZW50aWFscyBwcm92aWRlZCAoTWVjaGFuaXNtIGxldmVsOiBT
ZXJ2ZXIgbm90IGZvdW5kIGluIEtlcmJlcm9zIGRhdGFiYXNlICg3KSldCiAgICAgICAgYXQgY29t
LnN1bi5zZWN1cml0eS5zYXNsLmdzc2tlcmIuR3NzS3JiNUNsaWVudC5ldmFsdWF0ZUNoYWxsZW5n
ZShHc3NLcmI1Q2xpZW50LmphdmE6MTk0KQogICAgICAgIGF0IGNvbS5zdW4uam5kaS5sZGFwLnNh
c2wuTGRhcFNhc2wuc2FzbEJpbmQoTGRhcFNhc2wuamF2YToxMDUpCiAgICAgICAgLi4uIDIzIG1v
cmUKQ2F1c2VkIGJ5OiBHU1NFeGNlcHRpb246IE5vIHZhbGlkIGNyZWRlbnRpYWxzIHByb3ZpZGVk
IChNZWNoYW5pc20gbGV2ZWw6IFNlcnZlciBub3QgZm91bmQgaW4gS2VyYmVyb3MgZGF0YWJhc2Ug
KDcpKQogICAgICAgIGF0IHN1bi5zZWN1cml0eS5qZ3NzLmtyYjUuS3JiNUNvbnRleHQuaW5pdFNl
Y0NvbnRleHQoS3JiNUNvbnRleHQuamF2YTo2NjMpCiAgICAgICAgYXQgc3VuLnNlY3VyaXR5Lmpn
c3MuR1NTQ29udGV4dEltcGwuaW5pdFNlY0NvbnRleHQoR1NTQ29udGV4dEltcGwuamF2YToyMzAp
CiAgICAgICAgYXQgc3VuLnNlY3VyaXR5Lmpnc3MuR1NTQ29udGV4dEltcGwuaW5pdFNlY0NvbnRl
eHQoR1NTQ29udGV4dEltcGwuamF2YToxNjIpCiAgICAgICAgYXQgY29tLnN1bi5zZWN1cml0eS5z
YXNsLmdzc2tlcmIuR3NzS3JiNUNsaWVudC5ldmFsdWF0ZUNoYWxsZW5nZShHc3NLcmI1Q2xpZW50
LmphdmE6MTc1KQogICAgICAgIC4uLiAyNCBtb3JlCkNhdXNlZCBieTogS3JiRXhjZXB0aW9uOiBT
ZXJ2ZXIgbm90IGZvdW5kIGluIEtlcmJlcm9zIGRhdGFiYXNlICg3KQogICAgICAgIGF0IHN1bi5z
ZWN1cml0eS5rcmI1LktyYlRnc1JlcC48aW5pdD4oS3JiVGdzUmVwLmphdmE6NjEpCiAgICAgICAg
YXQgc3VuLnNlY3VyaXR5LmtyYjUuS3JiVGdzUmVxLmdldFJlcGx5KEtyYlRnc1JlcS5qYXZhOjE4
NSkKICAgICAgICBhdCBzdW4uc2VjdXJpdHkua3JiNS5pbnRlcm5hbC5DcmVkZW50aWFsc1V0aWwu
c2VydmljZUNyZWRzKENyZWRlbnRpYWxzVXRpbC5qYXZhOjI5NCkKICAgICAgICBhdCBzdW4uc2Vj
dXJpdHkua3JiNS5pbnRlcm5hbC5DcmVkZW50aWFsc1V0aWwuYWNxdWlyZVNlcnZpY2VDcmVkcyhD
cmVkZW50aWFsc1V0aWwuamF2YToxMDYpCiAgICAgICAgYXQgc3VuLnNlY3VyaXR5LmtyYjUuQ3Jl
ZGVudGlhbHMuYWNxdWlyZVNlcnZpY2VDcmVkcyhDcmVkZW50aWFscy5qYXZhOjU1NykKICAgICAg
ICBhdCBzdW4uc2VjdXJpdHkuamdzcy5rcmI1LktyYjVDb250ZXh0LmluaXRTZWNDb250ZXh0KEty
YjVDb250ZXh0LmphdmE6NTk0KQogICAgICAgIC4uLiAyNyBtb3JlCkNhdXNlZCBieTogS3JiRXhj
ZXB0aW9uOiBJZGVudGlmaWVyIGRvZXNuJ3QgbWF0Y2ggZXhwZWN0ZWQgdmFsdWUgKDkwNikKICAg
ICAgICBhdCBzdW4uc2VjdXJpdHkua3JiNS5pbnRlcm5hbC5LRENSZXAuaW5pdChLRENSZXAuamF2
YToxMzMpCiAgICAgICAgYXQgc3VuLnNlY3VyaXR5LmtyYjUuaW50ZXJuYWwuVEdTUmVwLmluaXQo
VEdTUmVwLmphdmE6NTgpCiAgICAgICAgYXQgc3VuLnNlY3VyaXR5LmtyYjUuaW50ZXJuYWwuVEdT
UmVwLjxpbml0PihUR1NSZXAuamF2YTo1MykKICAgICAgICBhdCBzdW4uc2VjdXJpdHkua3JiNS5L
cmJUZ3NSZXAuPGluaXQ+KEtyYlRnc1JlcC5qYXZhOjQ2KQogICAgICAgIC4uLiAzMiBtb3JlCkVy
cm9yOiBMREFQIHF1ZXJ5IEZhaWxlZC4gRXJyb3IgaW4gRE5TIGNvbmZpZ3VyYXRpb24uIFBsZWFz
ZSB2ZXJpZnkgdGhlIFJIRVYgTWFuYWdlciBob3N0IGhhcyBhIHZhbGlkIHJldmVyc2UgRE5TIChQ
VFIpIHJlY29yZC4KRmFpbHVyZSB3aGlsZSB0ZXN0aW5nIGRvbWFpbiBmcHQubG9jYWwuIERldGFp
bHM6IE5vIHVzZXIgaW5mb3JtYXRpb24gd2FzIGZvdW5kIGZvciB1c2VyCg==
--_007_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_
Content-Type: text/plain; name="manage-domains add log.txt"
Content-Description: manage-domains add log.txt
Content-Disposition: attachment; filename="manage-domains add log.txt";
size=2629; creation-date="Fri, 31 Aug 2012 08:59:14 GMT";
modification-date="Fri, 31 Aug 2012 08:59:15 GMT"
Content-Transfer-Encoding: base64
77u/MjAxMi0wOC0zMSAxMDo0MzowNSwzNzIgREVCVUcgW29yZy5hcGFjaGUuY29tbW9ucy5jb25m
aWd1cmF0aW9uLkNvbmZpZ3VyYXRpb25VdGlsc10gQ29uZmlndXJhdGlvblV0aWxzLmxvY2F0ZSgp
OiBiYXNlIGlzIG51bGwsIG5hbWUgaXMgL2V0Yy9yaGV2bS9yaGV2bS1tYW5hZ2UtZG9tYWlucy9y
aGV2bS1tYW5hZ2UtZG9tYWlucy5jb25mCjIwMTItMDgtMzEgMTA6NDM6MDUsMzczIERFQlVHIFtv
cmcuYXBhY2hlLmNvbW1vbnMuY29uZmlndXJhdGlvbi5Db25maWd1cmF0aW9uVXRpbHNdIExvYWRp
bmcgY29uZmlndXJhdGlvbiBmcm9tIHRoZSBhYnNvbHV0ZSBwYXRoIC9ldGMvcmhldm0vcmhldm0t
bWFuYWdlLWRvbWFpbnMvcmhldm0tbWFuYWdlLWRvbWFpbnMuY29uZgoyMDEyLTA4LTMxIDEwOjQz
OjA1LDQwNyBERUJVRyBbb3JnLmFwYWNoZS5jb21tb25zLmNvbmZpZ3VyYXRpb24uQ29uZmlndXJh
dGlvblV0aWxzXSBDb25maWd1cmF0aW9uVXRpbHMubG9jYXRlKCk6IGJhc2UgaXMgbnVsbCwgbmFt
ZSBpcyAvdmFyL2xpYi9qYm9zc2FzL3NlcnZlci9yaGV2bS1zbGltbWVkL2RlcGxveS9wb3N0Z3Jl
cy1kcy54bWwKMjAxMi0wOC0zMSAxMDo0MzowNSw0MDcgREVCVUcgW29yZy5hcGFjaGUuY29tbW9u
cy5jb25maWd1cmF0aW9uLkNvbmZpZ3VyYXRpb25VdGlsc10gTG9hZGluZyBjb25maWd1cmF0aW9u
IGZyb20gdGhlIGFic29sdXRlIHBhdGggL3Zhci9saWIvamJvc3Nhcy9zZXJ2ZXIvcmhldm0tc2xp
bW1lZC9kZXBsb3kvcG9zdGdyZXMtZHMueG1sCjIwMTItMDgtMzEgMTA6NDM6MDUsNDIyIERFQlVH
IFtvcmcuYXBhY2hlLmNvbW1vbnMuY29uZmlndXJhdGlvbi5Db25maWd1cmF0aW9uVXRpbHNdIENv
bmZpZ3VyYXRpb25VdGlscy5sb2NhdGUoKTogYmFzZSBpcyBudWxsLCBuYW1lIGlzIC92YXIvbGli
L2pib3NzYXMvc2VydmVyL3JoZXZtLXNsaW1tZWQvY29uZi9sb2dpbi1jb25maWcueG1sCjIwMTIt
MDgtMzEgMTA6NDM6MDUsNDIyIERFQlVHIFtvcmcuYXBhY2hlLmNvbW1vbnMuY29uZmlndXJhdGlv
bi5Db25maWd1cmF0aW9uVXRpbHNdIExvYWRpbmcgY29uZmlndXJhdGlvbiBmcm9tIHRoZSBhYnNv
bHV0ZSBwYXRoIC92YXIvbGliL2pib3NzYXMvc2VydmVyL3JoZXZtLXNsaW1tZWQvY29uZi9sb2dp
bi1jb25maWcueG1sCjIwMTItMDgtMzEgMTA6NDM6MDUsNjg2IERFQlVHIFtvcmcub3ZpcnQuZW5n
aW5lLmNvcmUudG9vbHMuY29tbW9uLmRiLkpib3NzQ29ubmVjdGlvbkZhY3RvcnldIGdldENvbm5l
Y3Rpb246IGRyaXZlciBjbGFzcyBuYW1lPW9yZy5wb3N0Z3Jlc3FsLkRyaXZlcgoyMDEyLTA4LTMx
IDEwOjQzOjA1LDcwMSBERUJVRyBbb3JnLm92aXJ0LmVuZ2luZS5jb3JlLnRvb2xzLmNvbW1vbi5k
Yi5KYm9zc0Nvbm5lY3Rpb25GYWN0b3J5XSBnZXRDb25uZWN0aW9uOiBVUkw9amRiYzpwb3N0Z3Jl
c3FsOi8vbG9jYWxob3N0OjU0MzIvcmhldm0KMjAxMi0wOC0zMSAxMDo0MzowNSw3MDEgREVCVUcg
W29yZy5vdmlydC5lbmdpbmUuY29yZS50b29scy5jb21tb24uZGIuSmJvc3NDb25uZWN0aW9uRmFj
dG9yeV0gZ2V0Q29ubmVjdGlvbjogQ29uc2lkZXJpbmcgZW5jcnlwdGVkIHBhc3NvcmQuIHNlY0Rv
bWFpbj1FbmNyeXB0REJQYXNzd29yZAoyMDEyLTA4LTMxIDEwOjQzOjEzLDgxMiBJTkZPICBbb3Jn
Lm92aXJ0LmVuZ2luZS5jb3JlLnV0aWxzLmtlcmJlcm9zLk1hbmFnZURvbWFpbnNdIENyZWF0aW5n
IGtlcmJlcm9zIGNvbmZpZ3VyYXRpb24gZm9yIGRvbWFpbihzKTogZnB0LmxvY2FsCjIwMTItMDgt
MzEgMTA6NDM6MTMsODI5IERFQlVHIFtvcmcub3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2VyYmVy
b3MuS3JiQ29uZkNyZWF0b3JdIGxvYWRlZCB0ZW1wbGF0ZSBrcjUuY29uZiBmaWxlIGtyYjUuY29u
Zi50ZW1wbGF0ZQoyMDEyLTA4LTMxIDEwOjQzOjEzLDgzMiBERUJVRyBbb3JnLm92aXJ0LmVuZ2lu
ZS5jb3JlLnV0aWxzLmtlcmJlcm9zLktyYkNvbmZDcmVhdG9yXSBzZXR0aW5nIGRlZmF1bHRfdGt0
X2VuY3R5cGVzCjIwMTItMDgtMzEgMTA6NDM6MTMsODU0IERFQlVHIFtvcmcub3ZpcnQuZW5naW5l
LmNvcmUudXRpbHMua2VyYmVyb3MuS3JiQ29uZkNyZWF0b3JdIHNldHRpbmcgcmVhbG1zCjIwMTIt
MDgtMzEgMTA6NDM6MTMsODU1IERFQlVHIFtvcmcub3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2Vy
YmVyb3MuS3JiQ29uZkNyZWF0b3JdIHNldHRpbmcgZG9tYWluIHJlYWxtCjIwMTItMDgtMzEgMTA6
NDM6MTMsODU1IElORk8gIFtvcmcub3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2VyYmVyb3MuTWFu
YWdlRG9tYWluc10gU3VjY2Vzc2Z1bGx5IGNyZWF0ZWQga2VyYmVyb3MgY29uZmlndXJhdGlvbiBm
b3IgZG9tYWluKHMpOiBmcHQubG9jYWwKMjAxMi0wOC0zMSAxMDo0MzoxMyw4NTYgSU5GTyAgW29y
Zy5vdmlydC5lbmdpbmUuY29yZS51dGlscy5rZXJiZXJvcy5NYW5hZ2VEb21haW5zXSBUZXN0aW5n
IGtlcmJlcm9zIGNvbmZpZ3VyYXRpb24gZm9yIGRvbWFpbjogZnB0LmxvY2FsCjIwMTItMDgtMzEg
MTA6NDM6MTMsOTA3IERFQlVHIFtvcmcub3ZpcnQuZW5naW5lLmNvcmUudXRpbHMua2VyYmVyb3Mu
S2VyYmVyb3NDb25maWdDaGVja10gQ2hlY2sgYXV0aGVudGljYXRpb24gZmluaXNoZWQgc3VjY2Vz
c2Z1bGx5Cg==
--_007_C8B8517ADA90DB40A482797D59EB838964199B86CED01MBXS08repl_--
6:45 p.m.
--_005_C8B8517ADA90DB40A482797D59EB838964199C6DCED01MBXS08repl_
Content-Type: multipart/alternative;
boundary="_000_C8B8517ADA90DB40A482797D59EB838964199C6DCED01MBXS08repl_"
--_000_C8B8517ADA90DB40A482797D59EB838964199C6DCED01MBXS08repl_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Ok, now it works.
Thanks to tcpdump/wireshark I could undesrstand that:
- Rhevm-manage-domains sends DNS queries asking for PTR of RHEV-H =
and another redundant domain server, so I
- The LDAP query it sends is (&(sAMAccountType=3D805306368)(userPr=
incipalName=3D fptadmin02@DOMAIN.LOCAL)<mailto:fptadmin02@DOMAIN.LOCAL)>) b=
ut the account "fptadmin02" I was using had a different userPrincipalName
So here is how I solved:
- adding the missing PTRs in the reverse zone of the DNS server
- logging in with another username that has a correct userPrincipa=
lName
Anyhow, after restarting jbossas, still I can't log in the console with a d=
omain username.
From wireshark I see it doesn't even send an LDAP query; it breaks
at KRB5 =
packets with "error_code: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7)"
Here are the logs from rhevm.log
http://pastebin.com/kZqn3kzz
Alberto Scotto
[Blue]
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
From: users-bounces(a)ovirt.org [mailto:users-bounces@ovirt.org] On Behalf Of=
Scotto Alberto
Sent: venerd=EC 31 agosto 2012 11:35
To: users(a)ovirt.org
Subject: [Users] can't add domain with rhevm-manage-domains
Hi all,
I'm trying to add a domain (active directory), but I can't get it to work.
The command I execute is:
rhevm-manage-domains -action=3Dadd -domain=3D'FPT.LOCAL'
-user=3D'fptadmin'=
-interactive
Attached you can find:
- Output of the command
- Logs from /var/log/rhevm/rhevm-manage-domains/rhevm-manage-domai=
ns.log
I found a RHEV KB saying:
For Error: LDAP query Failed, make sure the Active Directory server and the=
RHEVM server have the correct PTR records in the DNS reverse lookup zone f=
ile
And another one says:
It's required to create PTR entry into DNS for the following:
* Name Server (NS) - Start of Authority (SOA)
Example: WIN-TL8JB8JAG8.ad.mydomain.com.
* Active Directory Name
Example: ad.mydomain.com.
* RHEVM machine
Example: rhevm.ad.mydomain.com.
We are fulfilling this requirement, as nslookup of these 3 machines' IP wor=
k.
Additional info.
These commands work (if you need I can paste the full output):
#dig SRV _kerberos._tcp.FPT.LOCAL
#dig SRV _kerberos._udp.FPT.LOCAL
#dig SRV _ldap._tcp.FPT.LOCAL
# kinit fptadmin02@FPT.LOCAL<mailto:fptadmin02@FPT.LOCAL>
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: fptadmin02@FPT.LOCAL<mailto:fptadmin02@FPT.LOCAL>
Valid starting Expires Service principal
08/30/12 15:55:46 08/31/12 01:55:51 krbtgt/FPT.LOCAL@FPT.LOCAL<mailto:krb=
tgt/FPT.LOCAL(a)FPT.LOCAL>
renew until 09/06/12 15:55:46
Thank you very much in advance
Alberto Scotto
[Blue]
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
________________________________
--
The information transmitted is intended for the person or entity to which i=
t is addressed and may contain confidential and/or privileged material. Any=
review, retransmission, dissemination or other use of, or taking of any ac=
tion in reliance upon, this information by persons or entities other than t=
he intended recipient is prohibited. If you received this in error, please =
contact the sender and delete the material from any computer.
________________________________
--
The information transmitted is intended for the person or entity to which i=
t is addressed and may contain confidential and/or privileged material. Any=
review, retransmission, dissemination or other use of, or taking of any ac=
tion in reliance upon, this information by persons or entities other than t=
he intended recipient is prohibited. If you received this in error, please =
contact the sender and delete the material from any computer.
--_000_C8B8517ADA90DB40A482797D59EB838964199C6DCED01MBXS08repl_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html;
charset=3Diso-8859-=
1">
<style>
<!--
@font-face
{font-family:Wingdings}
@font-face
{font-family:Wingdings}
@font-face
{font-family:Calibri}
@font-face
{font-family:Tahoma}
@font-face
{font-family:Consolas}
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif"}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline}
p
{margin-right:0cm;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman","serif"}
code
{font-family:"Courier New"}
pre
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New"}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif"}
span.HTMLPreformattedChar
{font-family:"Consolas","serif"}
span.emailstyle17
{font-family:"Calibri","sans-serif";
color:windowtext}
span.htmlpreformattedchar0
{font-family:"Courier New"}
span.EmailStyle25
{font-family:"Calibri","sans-serif";
color:#1F497D}
.MsoChpDefault
{font-size:10.0pt}
@page WordSection1
{margin:70.85pt 2.0cm 2.0cm 2.0cm}
div.WordSection1
{}
ol
{margin-bottom:0cm}
ul
{margin-bottom:0cm}
-->
</style>
</head>
<body lang=3D"IT" link=3D"blue" vlink=3D"purple">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"color:#1F497D">Ok,
now it works.</spa=
n</p>
<p class=3D"MsoNormal"><span
style=3D"color:#1F497D"> </span</p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"color:#1F497D">Thanks =
to tcpdump/wireshark I could undesrstand that:</span</p>
<p class=3D"MsoListParagraph"
style=3D"text-indent:-18.0pt"><span lang=3D"E=
N-US" style=3D"color:#1F497D"><span style=3D"">-<span
style=3D"font:7.0pt &=
quot;Times New
Roman"">  =
;
</span></span></span><span lang=3D"EN-US"
style=3D"color:#1F497D">Rhevm-man=
age-domains sends DNS queries asking for PTR of RHEV-H and another redundan=
t domain server, so I
</span</p>
<p
class=3D"MsoListParagraph" style=3D"text-indent:-18.0pt"><span
lang=3D"E=
N-US" style=3D"color:#1F497D"><span style=3D"">-<span
style=3D"font:7.0pt &=
quot;Times New
Roman"">  =
;
</span></span></span><span lang=3D"EN-US"
style=3D"color:#1F497D">The LDAP =
query it sends is (&(sAMAccountType=3D805306368)(userPrincipalName=3D
<a
href=3D"mailto:fptadmin02@DOMAIN.LOCAL)">fptadmin02@DOMAIN.LOCAL)</a>)
b=
ut the account “fptadmin02” I was using had a different userPri=
ncipalName</span</p>
<p
class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"color:#1F497D"> <=
/span</p>
<p class=3D"MsoNormal"><span
lang=3D"EN-US" style=3D"color:#1F497D">So here=
is how I solved:</span</p>
<p
class=3D"MsoListParagraph" style=3D"text-indent:-18.0pt"><span
lang=3D"E=
N-US" style=3D"color:#1F497D"><span style=3D"">-<span
style=3D"font:7.0pt &=
quot;Times New
Roman"">  =
;
</span></span></span><span lang=3D"EN-US"
style=3D"color:#1F497D">adding th=
e missing PTRs in the reverse zone of the DNS server</span</p>
<p class=3D"MsoListParagraph"
style=3D"text-indent:-18.0pt"><span lang=3D"E=
N-US" style=3D"color:#1F497D"><span style=3D"">-<span
style=3D"font:7.0pt &=
quot;Times New
Roman"">  =
;
</span></span></span><span lang=3D"EN-US"
style=3D"color:#1F497D">logging i=
n with another username that has a correct userPrincipalName</span</p>
<p class=3D"MsoNormal"><span
lang=3D"EN-US" style=3D"color:#1F497D"> <=
/span</p>
<p class=3D"MsoNormal"><span
lang=3D"EN-US" style=3D"color:#1F497D">Anyhow,=
after restarting jbossas, still I can’t log in the console with a do=
main username.</span</p>
<p
class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"color:#1F497D">From wi=
reshark I see it doesn’t even send an LDAP query; it breaks at KRB5 p=
ackets with “error_code: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7)”</=
span</p>
<p class=3D"MsoNormal"><span
lang=3D"EN-US"> </span</p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">Here are
the logs from rhevm.lo=
g</span</p>
<p
class=3D"MsoNormal"><a
href=3D"http://pastebin.com/kZqn3kzz">http://past=
ebin.com/kZqn3kzz</a</p>
<p
class=3D"MsoNormal"> </p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"
style=3D"color:#1F497D"> <=
/span</p>
<p class=3D"MsoNormal"><span
lang=3D"EN-US" style=3D"color:#1F497D"> <=
/span</p>
<div><br>
<br>
<div align=3D"left">
<p style=3D"font-family:Calibri,Sans-Serif; font-size:10pt"><span
style=3D"=
color:#000000; font-weight:bold">Alberto Scotto</span>
<span style=3D"color:#808080"></span><br>
<br>
<span style=3D"color:#000000"><img border=3D"0"
alt=3D"Blue" src=3D"cid:ad1=
501dec7304928a9bdaa5a4ec912e3" style=3D"margin:0px">
</span><br>
<span style=3D"color:#808080">Via Cardinal Massaia, 83<br>
10147 - Torino - ITALY <br>
phone: +39 011 29100 <br>
<a href=3D"al.scotto(a)reply.it" target=3D""
style=3D"color:blue; text-decora=
tion:underline">al.scotto@reply.it</a>
<br>
<a title=3D"" href=3D"www.reply.it" target=3D""
style=3D"color:blue; text-d=
ecoration:underline">www.reply.it</a>
</span><br>
</p>
</div>
<div style=3D"border:none; border-top:solid #B5C4DF 1.0pt; padding:3.0pt 0c=
m 0cm 0cm">
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"><b><span lang=3D"EN-US"=
style=3D"font-size:10.0pt;
font-family:"Tahoma","sans-serif=
"">From:</span></b><span lang=3D"EN-US"
style=3D"font-size:10.0pt; fon=
t-family:"Tahoma","sans-serif"">
users-bounces(a)ovirt.or=
g [mailto:users-bounces@ovirt.org]
<b>On Behalf Of </b>Scotto Alberto<br>
<b>Sent:</b> venerd=EC 31 agosto 2012 11:35<br>
<b>To:</b> users(a)ovirt.org<br>
<b>Subject:</b> [Users] can't add domain with
rhevm-manage-domains</span></=
p>
</div>
</div>
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"> </p>
<div>
<p class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">Hi=
all,</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">I&=
#8217;m trying to add a domain (active directory), but I can’t get it=
to work.</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">&n=
bsp;</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">Th=
e command I execute is:</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">rh=
evm-manage-domains -action=3Dadd -domain=3D'FPT.LOCAL' -user=3D'fptadmin'
&=
#8211;interactive</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">&n=
bsp;</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">At=
tached you can find:</span</p>
<p
class=3D"MsoListParagraph" style=3D"margin-left:71.4pt; text-indent:-18.=
0pt"><span lang=3D"EN-US">-</span><span
lang=3D"EN-US" style=3D"font-size:7=
.0pt; font-family:"Times New
Roman","serif""> &nbs=
p;
</span><span lang=3D"EN-US">Output of the command</span</p>
<p class=3D"MsoListParagraph"
style=3D"margin-left:71.4pt; text-indent:-18.=
0pt"><span lang=3D"EN-US">-</span><span
lang=3D"EN-US" style=3D"font-size:7=
.0pt; font-family:"Times New
Roman","serif""> &nbs=
p;
</span><span lang=3D"EN-US">Logs from
/var/log/rhevm/rhevm-manage-domains/r=
hevm-manage-domains.log</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">&n=
bsp;</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">&n=
bsp;</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">I =
found a RHEV KB saying:
</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">&n=
bsp;</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">Fo=
r <strong><span
style=3D"font-family:"Calibri","sans-serif&q=
uot;">Error: LDAP query Failed</span></strong>, make sure the Active
Direct=
ory server
<strong><span
style=3D"font-family:"Calibri","sans-serif&quo=
t;">and</span></strong> the RHEVM server have the correct PTR records
in th=
e DNS reverse lookup zone file</span</p>
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"><span lang=3D"EN-US">&n=
bsp;</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">An=
d another one says:</span</p>
<p
style=3D"margin-left:35.4pt"><span lang=3D"EN-US">It's
required to creat=
e PTR entry into DNS for the following:</span</p>
<p style=3D"margin-left:71.4pt; text-indent:-18.0pt"><span
lang=3D"EN-US" s=
tyle=3D"font-size:10.0pt; font-family:Symbol">=B7</span><span
lang=3D"EN-US=
"
style=3D"font-size:7.0pt">  =
;
</span><span lang=3D"EN-US">Name Server (NS) - Start of Authority
(SOA)<br>
Example: WIN-TL8JB8JAG8.ad.mydomain.com.</span</p>
<p style=3D"margin-left:71.4pt; text-indent:-18.0pt"><span
lang=3D"EN-US" s=
tyle=3D"font-size:10.0pt; font-family:Symbol">=B7</span><span
lang=3D"EN-US=
"
style=3D"font-size:7.0pt">  =
;
</span><span lang=3D"EN-US">Active Directory Name<br>
Example: ad.mydomain.com.</span</p>
<p
style=3D"margin-left:71.4pt; text-indent:-18.0pt"><span
lang=3D"EN-US" s=
tyle=3D"font-size:10.0pt; font-family:Symbol">=B7</span><span
lang=3D"EN-US=
"
style=3D"font-size:7.0pt">  =
;
</span><span lang=3D"EN-US">RHEVM machine<br>
Example: rhevm.ad.mydomain.com.</span</p>
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"><span lang=3D"EN-US">We=
are fulfilling this requirement, as nslookup of these 3 machines’ IP=
work.</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">&n=
bsp;</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">Ad=
ditional info.</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">&n=
bsp;</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">Th=
ese commands work (if you need I can paste the full output):</span</p>
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"><span lang=3D"EN-US">&n=
bsp;</span</p>
<pre
style=3D"margin-left:35.4pt"><code><span
lang=3D"EN-US">#dig SRV _kerb=
eros._tcp.FPT.LOCAL</span></code></pre>
<pre style=3D"margin-left:35.4pt"><code><span
lang=3D"EN-US">#dig SRV _kerb=
eros._udp.FPT.LOCAL</span></code></pre>
<pre style=3D"margin-left:35.4pt"><code><span
lang=3D"EN-US">#dig SRV _ldap=
._tcp.FPT.LOCAL</span></code></pre>
<p class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">&n=
bsp;</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier New"">#
kinit
<a
href=3D"mailto:fptadmin02@FPT.LOCAL">fptadmin02@FPT.LOCAL</a></span</p>
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"><span lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier New"">#
klist</span=
</p>
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"><span lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier New"">Ticket
cache:=
FILE:/tmp/krb5cc_0</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier New"">Default
princ=
ipal:
<a
href=3D"mailto:fptadmin02@FPT.LOCAL">fptadmin02@FPT.LOCAL</a></span</p>
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"><span lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier
New""> </span>=
</p>
<p class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier New"">Valid
startin=
g
Expires =
Service principal</span</p>
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"><span lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier
New"">08/30/12 15:5=
5:46 08/31/12 01:55:51
<a
href=3D"mailto:krbtgt/FPT.LOCAL@FPT.LOCAL">krbtgt/FPT.LOCAL@FPT.LOCAL</a=
></span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier
New""> &=
nbsp; renew until 09/06/12 15:55:46</span</p>
<p class=3D"MsoNormal"
style=3D"margin-left:35.4pt"><span lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier
New""> </span>=
</p>
<p class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US" st=
yle=3D"font-size:10.0pt; font-family:"Courier
New""> </span>=
</p>
<p class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
lang=3D"EN-US">Th=
ank you very much in advance</span</p>
</div>
<p class=3D"MsoNormal" style=3D"margin-right:0cm; margin-bottom:12.0pt;
mar=
gin-left:35.4pt">
<span style=3D"font-size:12.0pt; font-family:"Times New
Roman",&q=
uot;serif""> </span</p>
<p style=3D"margin-left:35.4pt"><b><span
style=3D"font-size:10.0pt; font-fa=
mily:"Calibri","sans-serif";
color:black">Alberto Scott=
o</span></b><span style=3D"font-size:10.0pt;
font-family:"Calibri"=
;,"sans-serif"">
<br>
<br>
<span style=3D"color:black"><img border=3D"0"
width=3D"140" height=3D"50" i=
d=3D"_x0000_i1025" src=3D"cid:image001.png@01CD87A0.E9EB6E10"
alt=3D"Blue">=
</span><br>
<span style=3D"color:gray">Via Cardinal Massaia, 83<br>
10147 - Torino - ITALY <br>
phone: +39 011 29100 <br>
<a href=3D"al.scotto@reply.it">al.scotto(a)reply.it</a> <br>
<a href=3D"www.reply.it" title=3D"">www.reply.it</a>
</span><br>
</span</p>
<p
class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
style=3D"font-siz=
e:12.0pt; font-family:"Times New
Roman","serif""> =
</span</p>
<div
class=3D"MsoNormal" align=3D"center" style=3D"margin-left:35.4pt;
text=
-align:center">
<span style=3D"font-size:12.0pt; font-family:"Times New
Roman",&q=
uot;serif"">
<hr size=3D"2" width=3D"100%" align=3D"center">
</span></div>
<p class=3D"MsoNormal" style=3D"margin-left:35.4pt"><span
style=3D"font-siz=
e:7.5pt; font-family:"Arial","sans-serif";
color:gray">=
<br>
--<br>
The information transmitted is intended for the person or entity to which i=
t is addressed and may contain confidential and/or privileged material. Any=
review, retransmission, dissemination or other use of, or taking of any ac=
tion in reliance upon, this information
by persons or entities other than the intended recipient is prohibited. If=
you received this in error, please contact the sender and delete the mater=
ial from any computer.</span><span style=3D"font-size:12.0pt;
font-family:&=
quot;Times New Roman","serif""></span</p>
</div>
<br>
<hr>
<font face=3D"Arial" color=3D"Gray"
size=3D"1"><br>
--<br>
The information transmitted is intended for the person or entity to which i=
t is addressed and may contain confidential and/or privileged material. Any=
review, retransmission, dissemination or other use of, or taking of any ac=
tion in reliance upon, this information
by persons or entities other than the intended recipient is prohibited. If=
you received this in error, please contact the sender and delete the mater=
ial from any computer.<br>
</font>
</body>
</html>
--_000_C8B8517ADA90DB40A482797D59EB838964199C6DCED01MBXS08repl_--
--_005_C8B8517ADA90DB40A482797D59EB838964199C6DCED01MBXS08repl_
Content-Type: image/png; name="image001.png"
Content-Description: image001.png
Content-Disposition: inline; filename="image001.png"; size=2834;
creation-date="Fri, 31 Aug 2012 15:45:15 GMT";
modification-date="Fri, 31 Aug 2012 15:45:15 GMT"
Content-ID: <image001.png(a)01CD87A0.E9EB6E10>
Content-Transfer-Encoding: base64
iVBORw0KGgoAAAANSUhEUgAAAIwAAAAyCAYAAACOADM7AAAABmJLR0QA/gD+AP7rGNSCAAAACXBI
WXMAAA3XAAAN1wFCKJt4AAAACXZwQWcAAACMAAAAMgCR0D3bAAAKaUlEQVR42u2ce5AUxRnAf313
3Al4eCAYFaIgyMNEUF6KlYoVIDBArDxqopWxQgViQlWsPHA0MUlZVoyKRsdSE4lGomjIaHS0UlHL
wTIPpEgQFQUUjYIWdfIIScyBHi/Z6/zRM1xP3yzs7t3unOX8qra2H9M9vb3f9Pf19/WukFKSk1Mq
dVkPIOejRS4wOWXR6wVGuP5I4foDsh5HjkL0VhtGuP5A4CFgNrAD+Lb0nKeyHtfHnd68wixGCQvA
qcA9wvWPy3pQH3caan1D4fonAYeBDwEZjaFflAaok56zHRhsNG0B+gAHSrhHarn0nFp/3NLnxbKP
B06I5kECO2UYZD2sLtRcYIBJwK+BoYBACU89cAjoAIRw/TuAJcClQGy//FJ6zvvH6ly4/qXAz4vU
HQA2A4H0nIcz+OxH41eAHaU3AhdkPaA0MrFhhOuPB2YA5wBnA6ehni5dgKcBu4C5wLZS7Rfh+g8A
80u49HHgEuk5h2s+AeaYLbsO2AKMiIqWyzBYkPW40shihUF6zkbUUwSAcP0G4FHgS9pl10rPmQMs
LbXfSBVNLPHyrwDfBO7JYg4MRqEempjnsh5QMXqL0Xsl8EUt3w5cXUE/w4AztfzzwGSUGrwoyuvM
yfqDR5yLUssxL2U9oGJkssLoCNdfjLJXdBZIz9lQQXcTgSYt/4z0nHjy1wvX3wW8oNX3O8q4TgKm
AGegjNB/As9JzzmYer1lTwKGoOyyV2UYtArLngLMQ9lh64EVRQxZ3V5pje4V9zsVGBRl22QYrDXu
e0HUvwD+K8NgXbe/lKOQqcAI178MuM0ovk16zqMVdjnNyL9g5E2DrTVlTP1RRvM3gIFG9RvC9RdK
z/lHoo2yQQJgeFR0hbDsT6FUns544Icp456qpV+RYaAL5RJgepR+FWXzxfcdA6zRrr0SqKrAZKaS
hOt/DbjXKH5Geo7bjW71iT8AvGLUzzXyfzfGNBBlPyymq7AAjAWeFK5/slE+AvhklC4At6KEZb9x
3cJo+9x5T8s+ERinFa012uzU0vuMuu9r6W3AXd2Yu5LIRGCE618E/D6l6rpu9Hk8MEEr2iQ9p1Wr
n4wShJgPgCeMbh6g02jeB9wILASe1q4ZBHzBaDeRThukHghRdskoQF+NmlH+JJ0JqB1ijCkw72np
jiOfx7JPQrkdYm6QYXBMH1V3qYlKEq7fhNLvw1CTeztK55rcJlz/s8XshGPwaeBELd8sXP961Bd4
Bsqo1u2bm6Tn7NbGeCHKMI6ZLz3nsajuT6gtfjxfpxr31lXhThkG8470a9mrtPp2uq4652np94FN
Rr0uMM1a+jI6fVTvAMsrmLOy6VGBEa5fB3wOpctHaK9TgVOAxmN0MRXlwPpWBbefYuTHAj8tcu39
0nNuMMq+qqXfjoUl4mSSq/HbRlv9S3/ZqBumpXcB/zPqz9fSm2UY/Nuo1wWmCUBYdiPwHa3ck2Hw
YQVzVjbVWGFmkW7YmewDfga8CNwHnB6VXyZcf7X0nAfLvG8pntE3gSXSc5an1Olf+hDh+i+jVieJ
UiOxwBSiMQMgLLsFOEtr+7xWB8rQjdkgw0BXK40o1RWTZrDu0dKx0X4xylMOynZZVuZcVUyPCoz0
nA7gR8L1N6FWmQIqZtRGpwoSwF7gRek5WwCE658P3A9Y0TV3C9ffUOrWOlrZdIfdXuBhlCqaqZU/
myYs0RZaNzybUV7oNFqBt7T8BJJ2iW6zDAPGFKkDGE1yBTLtF0gKTCF6/4FWtsTYVVWVqtgw0nNW
lHn9LmCOcP2bgKuAvsAtqNWqFGLVF7NGes4i4fpjgNfpFNbzi7QfD/TX8vtQMa40VkvPKWh5fWfW
DuhCfg5Ju8nc5k/RxpZYuTR0gWkTlj0D5YgEeJca2S4xvcXTC4D0nKvpdNWXc2hqEiqSHROrhR0k
bYAzhesPTmmvG61tKAE6PXoNRRnTg6OX6VvRhfB1GQa7tbyu5v6D8qNQpH4bsDVlbLrADACu0fK/
qOXqAr1MYCLip7AcI+48I78WIIpuv6mVN5NUPWntN0nP2So9p016ThtwEKU6RpIMOyAsuw9JVWiu
INO19AYZBma0fbKWXi/DoEBX9tBpu4wDLozS2+jqx6o6vVFgYt+JKKON/pTvJ6kWzKc6LTg5XEtv
MeruAF5DqbZVgH6IayTJoOHf4oSw7LNICuKTeqfCsj9BUnhN+yamPXqZc3JrLfwuJpnHklKIBaa+
lIuF67eQ3KW8HtlEMabhPCmlG/3JnhX5ZHaifDeLtLqlxpmcySQfuvnCstdH6WXaZ9iPMsJ1xpOM
ZaXZL6DsqfcB3UO8A7WzrDm9T2DqG7dTOHSIEgUGIc5GyhatZJ1Rv4HkmZ/xKb08o5UPRa0UkuQT
vY6uQVJTFc5D7fQ6SNpUN8ow2GVcq7sB2ugq2DGHUYfLdG6SYbCPDMhcYIRlJwWjcGg/Z1/yATBE
zJxXT0Pf4o0P7pWcO39W4nuVHS+JGfPq6dMXOjpgzNyt9En0MUF877fDee3x1iPlo2beTOPxnwGh
qzahuhUAjwCLpOeYKkDfIT2BUl1XkxT2+2QYXJ8yen0H+JYMgz2kY9o126mh38UkITBRYGwp5e1Q
usNjwL/Ql3VRX2D35mUI0UB90wyOZmc19i+wa+NB+vTrnMA9re00RO3q6iRbVtYxeOzt1NXHS3od
e96dRkPT6CN9v/HUIRr738Dg0bMRDSdQVzeAjsJh+ra8SfMpf5S3XNzFoSYsewhJVbhKhoEnLDtE
HV4vRGXPprQFFTdrRklk2u4opoVkyMOTYbCfjEgc0RSWPQhlQ/SruMfymCrD4IXud1N7In+ILgzT
ZRj8tYfvcSLwOzoPer0DjKv1VlrHVEltqBhMafZD99mR1QfvAXT1tYfiNkhZCMvuD1yLCtbORsXg
Yi7PUljAEJgoztFaYV8fN8yg4XsV95TkLJS32+QaGQZPl9tZT5O50ftRJLL1Pq8V9cjqEjHdyG8D
rpdhkJmhq5MLTGX0QR2diLdnYQ/2vRq1wsRe6nUyDNq712XP0Wt/W53TO+mNoYGcXkwuMDll0eM2
TPRbnGnAvaaDSVj2bOA0GQY1j7Lm9AzVWGG+jIrwphlH3wXuzvpD51RONXZJ7aizLFcIyx4O3CXD
IN527kUdJAJAWPbFqBXnVmHZV6FO3K+I6oahzgYPAX7T017UnMqoxgpTQAniONRJ/AeFZRc72+IA
P47SPwEWAAjLbgL+jPJ1NAF/EZZd6o/sc6pINQSmARAyDL6OOm45mmSoX+cDVDiC6D0+azI0arcS
FSkG9fcgORlTbcfdXtR5jqOdnpPGO3QK8nzU33KsoutvgXIyoBorjP7FN6OEsph3sE6rq9fS8RmQ
RTIMTgP+QPJsbk5GVENgjgMQlv0QcDnwBp0nxgaQ/O+6dmCUsOxHUGdj459kbI/a3Sksew3qjE5L
1pOVUx2VtBJljxxAhf3v0v4TZRnKmI25ObruLdTZkvcAZBgcEpY9E3BRu6TrZBisznqycvJYUk6Z
5KGBnLLIBSanLHKBySmLXGByyiIXmJyy+D/P9uGVPOu6DAAAACh6VFh0U29mdHdhcmUAAHja801M
LsrPTU3JTFRwyyxKLc8vyi5WsAAAYBUIJ4KDNosAAAAASUVORK5CYII=
--_005_C8B8517ADA90DB40A482797D59EB838964199C6DCED01MBXS08repl_
Content-Type: image/png; name="blue.png"
Content-Description: blue.png
Content-Disposition: inline; filename="blue.png"; size=2834;
creation-date="Fri, 31 Aug 2012 15:45:18 GMT";
modification-date="Fri, 31 Aug 2012 15:45:18 GMT"
Content-ID: <ad1501dec7304928a9bdaa5a4ec912e3>
Content-Transfer-Encoding: base64
iVBORw0KGgoAAAANSUhEUgAAAIwAAAAyCAYAAACOADM7AAAABmJLR0QA/gD+AP7rGNSCAAAACXBI
WXMAAA3XAAAN1wFCKJt4AAAACXZwQWcAAACMAAAAMgCR0D3bAAAKaUlEQVR42u2ce5AUxRnAf313
3Al4eCAYFaIgyMNEUF6KlYoVIDBArDxqopWxQgViQlWsPHA0MUlZVoyKRsdSE4lGomjIaHS0UlHL
wTIPpEgQFQUUjYIWdfIIScyBHi/Z6/zRM1xP3yzs7t3unOX8qra2H9M9vb3f9Pf19/WukFKSk1Mq
dVkPIOejRS4wOWXR6wVGuP5I4foDsh5HjkL0VhtGuP5A4CFgNrAD+Lb0nKeyHtfHnd68wixGCQvA
qcA9wvWPy3pQH3caan1D4fonAYeBDwEZjaFflAaok56zHRhsNG0B+gAHSrhHarn0nFp/3NLnxbKP
B06I5kECO2UYZD2sLtRcYIBJwK+BoYBACU89cAjoAIRw/TuAJcClQGy//FJ6zvvH6ly4/qXAz4vU
HQA2A4H0nIcz+OxH41eAHaU3AhdkPaA0MrFhhOuPB2YA5wBnA6ehni5dgKcBu4C5wLZS7Rfh+g8A
80u49HHgEuk5h2s+AeaYLbsO2AKMiIqWyzBYkPW40shihUF6zkbUUwSAcP0G4FHgS9pl10rPmQMs
LbXfSBVNLPHyrwDfBO7JYg4MRqEempjnsh5QMXqL0Xsl8EUt3w5cXUE/w4AztfzzwGSUGrwoyuvM
yfqDR5yLUssxL2U9oGJkssLoCNdfjLJXdBZIz9lQQXcTgSYt/4z0nHjy1wvX3wW8oNX3O8q4TgKm
AGegjNB/As9JzzmYer1lTwKGoOyyV2UYtArLngLMQ9lh64EVRQxZ3V5pje4V9zsVGBRl22QYrDXu
e0HUvwD+K8NgXbe/lKOQqcAI178MuM0ovk16zqMVdjnNyL9g5E2DrTVlTP1RRvM3gIFG9RvC9RdK
z/lHoo2yQQJgeFR0hbDsT6FUns544Icp456qpV+RYaAL5RJgepR+FWXzxfcdA6zRrr0SqKrAZKaS
hOt/DbjXKH5Geo7bjW71iT8AvGLUzzXyfzfGNBBlPyymq7AAjAWeFK5/slE+AvhklC4At6KEZb9x
3cJo+9x5T8s+ERinFa012uzU0vuMuu9r6W3AXd2Yu5LIRGCE618E/D6l6rpu9Hk8MEEr2iQ9p1Wr
n4wShJgPgCeMbh6g02jeB9wILASe1q4ZBHzBaDeRThukHghRdskoQF+NmlH+JJ0JqB1ijCkw72np
jiOfx7JPQrkdYm6QYXBMH1V3qYlKEq7fhNLvw1CTeztK55rcJlz/s8XshGPwaeBELd8sXP961Bd4
Bsqo1u2bm6Tn7NbGeCHKMI6ZLz3nsajuT6gtfjxfpxr31lXhThkG8470a9mrtPp2uq4652np94FN
Rr0uMM1a+jI6fVTvAMsrmLOy6VGBEa5fB3wOpctHaK9TgVOAxmN0MRXlwPpWBbefYuTHAj8tcu39
0nNuMMq+qqXfjoUl4mSSq/HbRlv9S3/ZqBumpXcB/zPqz9fSm2UY/Nuo1wWmCUBYdiPwHa3ck2Hw
YQVzVjbVWGFmkW7YmewDfga8CNwHnB6VXyZcf7X0nAfLvG8pntE3gSXSc5an1Olf+hDh+i+jVieJ
UiOxwBSiMQMgLLsFOEtr+7xWB8rQjdkgw0BXK40o1RWTZrDu0dKx0X4xylMOynZZVuZcVUyPCoz0
nA7gR8L1N6FWmQIqZtRGpwoSwF7gRek5WwCE658P3A9Y0TV3C9ffUOrWOlrZdIfdXuBhlCqaqZU/
myYs0RZaNzybUV7oNFqBt7T8BJJ2iW6zDAPGFKkDGE1yBTLtF0gKTCF6/4FWtsTYVVWVqtgw0nNW
lHn9LmCOcP2bgKuAvsAtqNWqFGLVF7NGes4i4fpjgNfpFNbzi7QfD/TX8vtQMa40VkvPKWh5fWfW
DuhCfg5Ju8nc5k/RxpZYuTR0gWkTlj0D5YgEeJca2S4xvcXTC4D0nKvpdNWXc2hqEiqSHROrhR0k
bYAzhesPTmmvG61tKAE6PXoNRRnTg6OX6VvRhfB1GQa7tbyu5v6D8qNQpH4bsDVlbLrADACu0fK/
qOXqAr1MYCLip7AcI+48I78WIIpuv6mVN5NUPWntN0nP2So9p016ThtwEKU6RpIMOyAsuw9JVWiu
INO19AYZBma0fbKWXi/DoEBX9tBpu4wDLozS2+jqx6o6vVFgYt+JKKON/pTvJ6kWzKc6LTg5XEtv
MeruAF5DqbZVgH6IayTJoOHf4oSw7LNICuKTeqfCsj9BUnhN+yamPXqZc3JrLfwuJpnHklKIBaa+
lIuF67eQ3KW8HtlEMabhPCmlG/3JnhX5ZHaifDeLtLqlxpmcySQfuvnCstdH6WXaZ9iPMsJ1xpOM
ZaXZL6DsqfcB3UO8A7WzrDm9T2DqG7dTOHSIEgUGIc5GyhatZJ1Rv4HkmZ/xKb08o5UPRa0UkuQT
vY6uQVJTFc5D7fQ6SNpUN8ow2GVcq7sB2ugq2DGHUYfLdG6SYbCPDMhcYIRlJwWjcGg/Z1/yATBE
zJxXT0Pf4o0P7pWcO39W4nuVHS+JGfPq6dMXOjpgzNyt9En0MUF877fDee3x1iPlo2beTOPxnwGh
qzahuhUAjwCLpOeYKkDfIT2BUl1XkxT2+2QYXJ8yen0H+JYMgz2kY9o126mh38UkITBRYGwp5e1Q
usNjwL/Ql3VRX2D35mUI0UB90wyOZmc19i+wa+NB+vTrnMA9re00RO3q6iRbVtYxeOzt1NXHS3od
e96dRkPT6CN9v/HUIRr738Dg0bMRDSdQVzeAjsJh+ra8SfMpf5S3XNzFoSYsewhJVbhKhoEnLDtE
HV4vRGXPprQFFTdrRklk2u4opoVkyMOTYbCfjEgc0RSWPQhlQ/SruMfymCrD4IXud1N7In+ILgzT
ZRj8tYfvcSLwOzoPer0DjKv1VlrHVEltqBhMafZD99mR1QfvAXT1tYfiNkhZCMvuD1yLCtbORsXg
Yi7PUljAEJgoztFaYV8fN8yg4XsV95TkLJS32+QaGQZPl9tZT5O50ftRJLL1Pq8V9cjqEjHdyG8D
rpdhkJmhq5MLTGX0QR2diLdnYQ/2vRq1wsRe6nUyDNq712XP0Wt/W53TO+mNoYGcXkwuMDll0eM2
TPRbnGnAvaaDSVj2bOA0GQY1j7Lm9AzVWGG+jIrwphlH3wXuzvpD51RONXZJ7aizLFcIyx4O3CXD
IN527kUdJAJAWPbFqBXnVmHZV6FO3K+I6oahzgYPAX7T017UnMqoxgpTQAniONRJ/AeFZRc72+IA
P47SPwEWAAjLbgL+jPJ1NAF/EZZd6o/sc6pINQSmARAyDL6OOm45mmSoX+cDVDiC6D0+azI0arcS
FSkG9fcgORlTbcfdXtR5jqOdnpPGO3QK8nzU33KsoutvgXIyoBorjP7FN6OEsph3sE6rq9fS8RmQ
RTIMTgP+QPJsbk5GVENgjgMQlv0QcDnwBp0nxgaQ/O+6dmCUsOxHUGdj459kbI/a3Sksew3qjE5L
1pOVUx2VtBJljxxAhf3v0v4TZRnKmI25ObruLdTZkvcAZBgcEpY9E3BRu6TrZBisznqycvJYUk6Z
5KGBnLLIBSanLHKBySmLXGByyiIXmJyy+D/P9uGVPOu6DAAAACh6VFh0U29mdHdhcmUAAHja801M
LsrPTU3JTFRwyyxKLc8vyi5WsAAAYBUIJ4KDNosAAAAASUVORK5CYII=
--_005_C8B8517ADA90DB40A482797D59EB838964199C6DCED01MBXS08repl_--
4:53 p.m.
------=_Part_7528046_1477693076.1346594005732
Content-Type: multipart/related;
boundary="----=_Part_7528047_2086634424.1346594005732"
------=_Part_7528047_2086634424.1346594005732
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Hey,
What's the name of your domain?
The query you pasted below shows "DOMAIN.LOCAL".
However, in the log I see:
"Failed authenticating user: f35191a to domain fpt.local".
Did some reading, and looks like this error happens when the kerberos ticke=
t is requested to the wrong REALM.
What version are you working with?
Is there anything else in the logs besides what you have put in pastebin?
Oved
----- Original Message -----
From: "Scotto Alberto" <al.scotto(a)reply.it>
To: users(a)ovirt.org
Sent: Friday, August 31, 2012 6:45:15 PM
Subject: Re: [Users] can't add domain with rhevm-manage-domains
=20
=20
=20
=20
=20
Ok, now it works.
=20
=20
=20
Thanks to tcpdump/wireshark I could undesrstand that:
=20
- Rhevm-manage-domains sends DNS queries asking for PTR of RHEV-H and
another redundant domain server, so I
=20
- The LDAP query it sends is
(&(sAMAccountType=3D805306368)(userPrincipalName=3D
fptadmin02(a)DOMAIN.LOCAL) ) but the account =E2=80=9Cfptadmin02=E2=80=9D I=
was
using
had a different userPrincipalName
=20
=20
=20
So here is how I solved:
=20
- adding the missing PTRs in the reverse zone of the DNS server
=20
- logging in with another username that has a correct
userPrincipalName
=20
=20
=20
Anyhow, after restarting jbossas, still I can=E2=80=99t log in the consol=
e
with a domain username.
=20
From wireshark I see it doesn=E2=80=99t even send an LDAP query; it break=
s at
KRB5 packets with =E2=80=9Cerror_code:
KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7=
)=E2=80=9D
=20
=20
=20
Here are the logs from rhevm.log
=20
http://pastebin.com/kZqn3kzz
=20
=20
=20
=20
=20
=20
=20
=20
=20
=20
=20
Alberto Scotto
=20
Blue
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
=20
=20
=20
From: users-bounces(a)ovirt.org [mailto:users-bounces@ovirt.org] On
Behalf Of Scotto Alberto
Sent: venerd=C3=AC 31 agosto 2012 11:35
To: users(a)ovirt.org
Subject: [Users] can't add domain with rhevm-manage-domains
=20
=20
=20
=20
Hi all,
=20
I=E2=80=99m trying to add a domain (active directory), but I can=E2=80=99=
t get it
to
work.
=20
=20
=20
The command I execute is:
=20
rhevm-manage-domains -action=3Dadd -domain=3D'FPT.LOCAL' -user=3D'fptadmi=
n'
=E2=80=93interactive
=20
=20
=20
Attached you can find:
=20
- Output of the command
=20
- Logs from
/var/log/rhevm/rhevm-manage-domains/rhevm-manage-domains.log
=20
=20
=20
=20
=20
I found a RHEV KB saying:
=20
=20
=20
For Error: LDAP query Failed , make sure the Active Directory server
and the RHEVM server have the correct PTR records in the DNS reverse
lookup zone file
=20
=20
=20
And another one says:
=20
It's required to create PTR entry into DNS for the following:
=20
=C2=B7 Name Server (NS) - Start of Authority (SOA)
Example: WIN-TL8JB8JAG8.ad.mydomain.com.
=20
=C2=B7 Active Directory Name
Example: ad.mydomain.com.
=20
=C2=B7 RHEVM machine
Example: rhevm.ad.mydomain.com.
=20
We are fulfilling this requirement, as nslookup of these 3 machines=E2=80=
=99
IP work.
=20
=20
=20
Additional info.
=20
=20
=20
These commands work (if you need I can paste the full output):
=20
#dig SRV _kerberos._tcp.FPT.LOCAL #dig SRV _kerberos._udp.FPT.LOCAL
#dig SRV _ldap._tcp.FPT.LOCAL
=20
=20
=20
# kinit fptadmin02(a)FPT.LOCAL
=20
# klist
=20
Ticket cache: FILE:/tmp/krb5cc_0
=20
Default principal: fptadmin02(a)FPT.LOCAL
=20
=20
=20
Valid starting Expires Service principal
=20
08/30/12 15:55:46 08/31/12 01:55:51 krbtgt/FPT.LOCAL(a)FPT.LOCAL
=20
renew until 09/06/12 15:55:46
=20
=20
=20
=20
=20
Thank you very much in advance
=20
=20
=20
Alberto Scotto
=20
Blue
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
=20
=20
=20
=20
=20
=20
=20
--
The information transmitted is intended for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of,
or taking of any action in reliance upon, this information by
persons or entities other than the intended recipient is prohibited.
If you received this in error, please contact the sender and delete
the material from any computer.
=20
=20
--
The information transmitted is intended for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of,
or taking of any action in reliance upon, this information by
persons or entities other than the intended recipient is prohibited.
If you received this in error, please contact the sender and delete
the material from any computer.
=20
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
=20
------=_Part_7528047_2086634424.1346594005732--
------=_Part_7528046_1477693076.1346594005732--
4:21 p.m.
Oved,
Thank you for your try!
The query you pasted below shows "DOMAIN.LOCAL".
That was just an example. The command I ran was correct (FPT.LOCAL)
The issue seems solved. This morning I tried logging in with my domain user and it
succeeded.
Then a colleague of mine stopped again the reverse zone for the AD server, and now I
can't login again, even after reactivating the zone..
I suppose there must be some cache delay... :S
Alberto Scotto
Blue Reply
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
-----Original Message-----
From: Oved Ourfalli [mailto:ovedo@redhat.com]
Sent: domenica 2 settembre 2012 15:53
To: Scotto Alberto
Cc: users(a)ovirt.org
Subject: Re: [Users] can't add domain with rhevm-manage-domains
Hey,
What's the name of your domain?
The query you pasted below shows "DOMAIN.LOCAL".
However, in the log I see:
"Failed authenticating user: f35191a to domain fpt.local".
Did some reading, and looks like this error happens when the kerberos ticket is requested
to the wrong REALM.
What version are you working with?
Is there anything else in the logs besides what you have put in pastebin?
Oved
----- Original Message -----
From: "Scotto Alberto" <al.scotto(a)reply.it>
To: users(a)ovirt.org
Sent: Friday, August 31, 2012 6:45:15 PM
Subject: Re: [Users] can't add domain with rhevm-manage-domains
Ok, now it works.
Thanks to tcpdump/wireshark I could undesrstand that:
- Rhevm-manage-domains sends DNS queries asking for PTR of RHEV-H and
another redundant domain server, so I
- The LDAP query it sends is
(&(sAMAccountType=805306368)(userPrincipalName=
fptadmin02(a)DOMAIN.LOCAL) ) but the account “fptadmin02” I was using
had a different userPrincipalName
So here is how I solved:
- adding the missing PTRs in the reverse zone of the DNS server
- logging in with another username that has a correct
userPrincipalName
Anyhow, after restarting jbossas, still I can’t log in the console
with a domain username.
From wireshark I see it doesn’t even send an LDAP query; it breaks at
KRB5 packets with “error_code: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7)”
Here are the logs from rhevm.log
http://pastebin.com/kZqn3kzz
Alberto Scotto
Blue
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
From: users-bounces(a)ovirt.org [mailto:users-bounces@ovirt.org] On
Behalf Of Scotto Alberto
Sent: venerdì 31 agosto 2012 11:35
To: users(a)ovirt.org
Subject: [Users] can't add domain with rhevm-manage-domains
Hi all,
I’m trying to add a domain (active directory), but I can’t get it to
work.
The command I execute is:
rhevm-manage-domains -action=add -domain='FPT.LOCAL' -user='fptadmin'
–interactive
Attached you can find:
- Output of the command
- Logs from
/var/log/rhevm/rhevm-manage-domains/rhevm-manage-domains.log
I found a RHEV KB saying:
For Error: LDAP query Failed , make sure the Active Directory server
and the RHEVM server have the correct PTR records in the DNS reverse
lookup zone file
And another one says:
It's required to create PTR entry into DNS for the following:
· Name Server (NS) - Start of Authority (SOA)
Example: WIN-TL8JB8JAG8.ad.mydomain.com.
· Active Directory Name
Example: ad.mydomain.com.
· RHEVM machine
Example: rhevm.ad.mydomain.com.
We are fulfilling this requirement, as nslookup of these 3 machines’
IP work.
Additional info.
These commands work (if you need I can paste the full output):
#dig SRV _kerberos._tcp.FPT.LOCAL #dig SRV _kerberos._udp.FPT.LOCAL
#dig SRV _ldap._tcp.FPT.LOCAL
# kinit fptadmin02(a)FPT.LOCAL
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: fptadmin02(a)FPT.LOCAL
Valid starting Expires Service principal
08/30/12 15:55:46 08/31/12 01:55:51 krbtgt/FPT.LOCAL(a)FPT.LOCAL
renew until 09/06/12 15:55:46
Thank you very much in advance
Alberto Scotto
Blue
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
--
The information transmitted is intended for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of,
or taking of any action in reliance upon, this information by persons
or entities other than the intended recipient is prohibited.
If you received this in error, please contact the sender and delete
the material from any computer.
--
The information transmitted is intended for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of,
or taking of any action in reliance upon, this information by persons
or entities other than the intended recipient is prohibited.
If you received this in error, please contact the sender and delete
the material from any computer.
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
________________________________
--
The information transmitted is intended for the person or entity to which it is addressed
and may contain confidential and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon, this information
by persons or entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from any computer.
8:44 a.m.
----- Original Message -----
From: "Scotto Alberto" <al.scotto(a)reply.it>
To: "Oved Ourfalli" <ovedo(a)redhat.com>
Cc: users(a)ovirt.org
Sent: Monday, September 3, 2012 4:21:27 PM
Subject: Re: [Users] can't add domain with rhevm-manage-domains
Oved,
Thank you for your try!
> The query you pasted below shows "DOMAIN.LOCAL".
That was just an example. The command I ran was correct (FPT.LOCAL)
The issue seems solved. This morning I tried logging in with my
domain user and it succeeded.
Then a colleague of mine stopped again the reverse zone for the AD
server, and now I can't login again, even after reactivating the
zone..
I suppose there must be some cache delay... :S
If you'll use openjdk 1.7 this problem will not surface. out of curiosity, what is the
output of java -version?
Alberto Scotto
Blue Reply
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
-----Original Message-----
From: Oved Ourfalli [mailto:ovedo@redhat.com]
Sent: domenica 2 settembre 2012 15:53
To: Scotto Alberto
Cc: users(a)ovirt.org
Subject: Re: [Users] can't add domain with rhevm-manage-domains
Hey,
What's the name of your domain?
The query you pasted below shows "DOMAIN.LOCAL".
However, in the log I see:
"Failed authenticating user: f35191a to domain fpt.local".
Did some reading, and looks like this error happens when the kerberos
ticket is requested to the wrong REALM.
What version are you working with?
Is there anything else in the logs besides what you have put in
pastebin?
Oved
----- Original Message -----
> From: "Scotto Alberto" <al.scotto(a)reply.it>
> To: users(a)ovirt.org
> Sent: Friday, August 31, 2012 6:45:15 PM
> Subject: Re: [Users] can't add domain with rhevm-manage-domains
>
>
>
>
>
> Ok, now it works.
>
>
>
> Thanks to tcpdump/wireshark I could undesrstand that:
>
> - Rhevm-manage-domains sends DNS queries asking for PTR of RHEV-H
> and
> another redundant domain server, so I
>
> - The LDAP query it sends is
> (&(sAMAccountType=805306368)(userPrincipalName=
> fptadmin02(a)DOMAIN.LOCAL) ) but the account “fptadmin02” I was using
> had a different userPrincipalName
>
>
>
> So here is how I solved:
>
> - adding the missing PTRs in the reverse zone of the DNS server
>
> - logging in with another username that has a correct
> userPrincipalName
>
>
>
> Anyhow, after restarting jbossas, still I can’t log in the console
> with a domain username.
>
> From wireshark I see it doesn’t even send an LDAP query; it breaks
> at
> KRB5 packets with “error_code: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7)”
>
>
>
> Here are the logs from rhevm.log
>
> http://pastebin.com/kZqn3kzz
>
>
>
>
>
>
>
>
>
>
>
> Alberto Scotto
>
> Blue
> Via Cardinal Massaia, 83
> 10147 - Torino - ITALY
> phone: +39 011 29100
> al.scotto(a)reply.it
> www.reply.it
>
>
>
> From: users-bounces(a)ovirt.org [mailto:users-bounces@ovirt.org] On
> Behalf Of Scotto Alberto
> Sent: venerdì 31 agosto 2012 11:35
> To: users(a)ovirt.org
> Subject: [Users] can't add domain with rhevm-manage-domains
>
>
>
>
> Hi all,
>
> I’m trying to add a domain (active directory), but I can’t get it
> to
> work.
>
>
>
> The command I execute is:
>
> rhevm-manage-domains -action=add -domain='FPT.LOCAL'
> -user='fptadmin'
> –interactive
>
>
>
> Attached you can find:
>
> - Output of the command
>
> - Logs from
> /var/log/rhevm/rhevm-manage-domains/rhevm-manage-domains.log
>
>
>
>
>
> I found a RHEV KB saying:
>
>
>
> For Error: LDAP query Failed , make sure the Active Directory
> server
> and the RHEVM server have the correct PTR records in the DNS
> reverse
> lookup zone file
>
>
>
> And another one says:
>
> It's required to create PTR entry into DNS for the following:
>
> · Name Server (NS) - Start of Authority (SOA)
> Example: WIN-TL8JB8JAG8.ad.mydomain.com.
>
> · Active Directory Name
> Example: ad.mydomain.com.
>
> · RHEVM machine
> Example: rhevm.ad.mydomain.com.
>
> We are fulfilling this requirement, as nslookup of these 3
> machines’
> IP work.
>
>
>
> Additional info.
>
>
>
> These commands work (if you need I can paste the full output):
>
> #dig SRV _kerberos._tcp.FPT.LOCAL #dig SRV _kerberos._udp.FPT.LOCAL
> #dig SRV _ldap._tcp.FPT.LOCAL
>
>
>
> # kinit fptadmin02(a)FPT.LOCAL
>
> # klist
>
> Ticket cache: FILE:/tmp/krb5cc_0
>
> Default principal: fptadmin02(a)FPT.LOCAL
>
>
>
> Valid starting Expires Service principal
>
> 08/30/12 15:55:46 08/31/12 01:55:51 krbtgt/FPT.LOCAL(a)FPT.LOCAL
>
> renew until 09/06/12 15:55:46
>
>
>
>
>
> Thank you very much in advance
>
>
>
> Alberto Scotto
>
> Blue
> Via Cardinal Massaia, 83
> 10147 - Torino - ITALY
> phone: +39 011 29100
> al.scotto(a)reply.it
> www.reply.it
>
>
>
>
>
>
>
> --
> The information transmitted is intended for the person or entity to
> which it is addressed and may contain confidential and/or
> privileged
> material. Any review, retransmission, dissemination or other use
> of,
> or taking of any action in reliance upon, this information by
> persons
> or entities other than the intended recipient is prohibited.
> If you received this in error, please contact the sender and delete
> the material from any computer.
>
>
> --
> The information transmitted is intended for the person or entity to
> which it is addressed and may contain confidential and/or
> privileged
> material. Any review, retransmission, dissemination or other use
> of,
> or taking of any action in reliance upon, this information by
> persons
> or entities other than the intended recipient is prohibited.
> If you received this in error, please contact the sender and delete
> the material from any computer.
>
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
________________________________
--
The information transmitted is intended for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of,
or taking of any action in reliance upon, this information by
persons or entities other than the intended recipient is prohibited.
If you received this in error, please contact the sender and delete
the material from any computer.
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
11:08 a.m.
New subject: [Users] R: can't add domain with rhevm-manage-domains
________________________________________
Da: Roy Golan [rgolan(a)redhat.com]
Inviato: martedì 4 settembre 2012 7.44
A: Scotto Alberto
Cc: users(a)ovirt.org; Oved Ourfalli
Oggetto: Re: [Users] can't add domain with rhevm-manage-domains
----- Original Message -----
From: "Scotto Alberto" <al.scotto(a)reply.it>
To: "Oved Ourfalli" <ovedo(a)redhat.com>
Cc: users(a)ovirt.org
Sent: Monday, September 3, 2012 4:21:27 PM
Subject: Re: [Users] can't add domain with rhevm-manage-domains
Oved,
Thank you for your try!
> The query you pasted below shows "DOMAIN.LOCAL".
That was just an example. The command I ran was correct (FPT.LOCAL)
The issue seems solved. This morning I tried logging in with my
domain user and it succeeded.
Then a colleague of mine stopped again the reverse zone for the AD
server, and now I can't login again, even after reactivating the
zone..
I suppose there must be some cache delay... :S
If you'll use openjdk 1.7 this problem will not surface. out of curiosity, what is the
output of java -version?
[root@pittor06vhxd010 ~]# java -version
java version "1.6.0_33"
Java(TM) SE Runtime Environment (build 1.6.0_33-b03)
Java HotSpot(TM) 64-Bit Server VM (build 20.8-b03, mixed mode)
Alberto Scotto
Blue Reply
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
________________________________
--
The information transmitted is intended for the person or entity to which it is addressed
and may contain confidential and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon, this information
by persons or entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from any computer.
12:03 p.m.
New subject: [Users] R: can't add domain with rhevm-manage-domains
----- Original Message -----
From: "Scotto Alberto" <al.scotto(a)reply.it>
To: "Roy Golan" <rgolan(a)redhat.com>
Cc: users(a)ovirt.org, "Oved Ourfalli" <ovedo(a)redhat.com>
Sent: Tuesday, September 4, 2012 11:08:03 AM
Subject: R: [Users] can't add domain with rhevm-manage-domains
________________________________________
Da: Roy Golan [rgolan(a)redhat.com]
Inviato: martedì 4 settembre 2012 7.44
A: Scotto Alberto
Cc: users(a)ovirt.org; Oved Ourfalli
Oggetto: Re: [Users] can't add domain with rhevm-manage-domains
----- Original Message -----
> From: "Scotto Alberto" <al.scotto(a)reply.it>
> To: "Oved Ourfalli" <ovedo(a)redhat.com>
> Cc: users(a)ovirt.org
> Sent: Monday, September 3, 2012 4:21:27 PM
> Subject: Re: [Users] can't add domain with rhevm-manage-domains
>
> Oved,
> Thank you for your try!
>
> > The query you pasted below shows "DOMAIN.LOCAL".
> That was just an example. The command I ran was correct (FPT.LOCAL)
>
> The issue seems solved. This morning I tried logging in with my
> domain user and it succeeded.
> Then a colleague of mine stopped again the reverse zone for the AD
> server, and now I can't login again, even after reactivating the
> zone..
> I suppose there must be some cache delay... :S
If you'll use openjdk 1.7 this problem will not surface. out of
curiosity, what is the output of java -version?
[root@pittor06vhxd010 ~]# java -version
java version "1.6.0_33"
Java(TM) SE Runtime Environment (build 1.6.0_33-b03)
Java HotSpot(TM) 64-Bit Server VM (build 20.8-b03, mixed mode)
for security reasons, canonicalizing of the host name was dropped in openjdk7 (in ldap
implementation). if you can move forward to openjdk 7 than reverse PTR will not bother you
anymore.
Alberto Scotto
Blue Reply
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
________________________________
--
The information transmitted is intended for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of,
or taking of any action in reliance upon, this information by
persons or entities other than the intended recipient is prohibited.
If you received this in error, please contact the sender and delete
the material from any computer.
12:29 p.m.
New subject: [Users] R: R: can't add domain with rhevm-manage-domains
________________________________________
Da: Roy Golan [rgolan(a)redhat.com]
Inviato: martedì 4 settembre 2012 11.03
A: Scotto Alberto
Cc: users(a)ovirt.org; Oved Ourfalli
Oggetto: Re: R: [Users] can't add domain with rhevm-manage-domains
----- Original Message -----
From: "Scotto Alberto" <al.scotto(a)reply.it>
To: "Roy Golan" <rgolan(a)redhat.com>
Cc: users(a)ovirt.org, "Oved Ourfalli" <ovedo(a)redhat.com>
Sent: Tuesday, September 4, 2012 11:08:03 AM
Subject: R: [Users] can't add domain with rhevm-manage-domains
________________________________________
Da: Roy Golan [rgolan(a)redhat.com]
Inviato: martedì 4 settembre 2012 7.44
A: Scotto Alberto
Cc: users(a)ovirt.org; Oved Ourfalli
Oggetto: Re: [Users] can't add domain with rhevm-manage-domains
----- Original Message -----
> From: "Scotto Alberto" <al.scotto(a)reply.it>
> To: "Oved Ourfalli" <ovedo(a)redhat.com>
> Cc: users(a)ovirt.org
> Sent: Monday, September 3, 2012 4:21:27 PM
> Subject: Re: [Users] can't add domain with rhevm-manage-domains
>
> Oved,
> Thank you for your try!
>
> > The query you pasted below shows "DOMAIN.LOCAL".
> That was just an example. The command I ran was correct (FPT.LOCAL)
>
> The issue seems solved. This morning I tried logging in with my
> domain user and it succeeded.
> Then a colleague of mine stopped again the reverse zone for the AD
> server, and now I can't login again, even after reactivating the
> zone..
> I suppose there must be some cache delay... :S
If you'll use openjdk 1.7 this problem will not surface. out of
curiosity, what is the output of java -version?
[root@pittor06vhxd010 ~]# java -version
java version "1.6.0_33"
Java(TM) SE Runtime Environment (build 1.6.0_33-b03)
Java HotSpot(TM) 64-Bit Server VM (build 20.8-b03, mixed mode)
for security reasons, canonicalizing of the host name was dropped in openjdk7 (in ldap
implementation). if you can move forward to openjdk 7 than reverse PTR will not bother you
anymore.
Ok, thank you for the explanation.
I've just installed java-1.7.0-openjdk with yum, and, now it works, although
"java -version" still gives me
[root@pittor06vhxd010 ~]# java -version
java version "1.6.0_33"
Java(TM) SE Runtime Environment (build 1.6.0_33-b03)
Java HotSpot(TM) 64-Bit Server VM (build 20.8-b03, mixed mode)
Alberto Scotto
Blue Reply
Via Cardinal Massaia, 83
10147 - Torino - ITALY
phone: +39 011 29100
al.scotto(a)reply.it
www.reply.it
________________________________
--
The information transmitted is intended for the person or entity to which it is addressed
and may contain confidential and/or privileged material. Any review, retransmission,
dissemination or other use of, or taking of any action in reliance upon, this information
by persons or entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from any computer.
4461
days inactive
4465
days old
7 comments
3 participants
participants (3)
-
Oved Ourfalli -
Roy Golan -
Scotto Alberto