Parece que aqui na users-pt ninguém tem muita experiência com oVirt+IPA. Espero que tenhas mais sorte na users. Se ninguém ajudar, abre um bugzilla que algum devel vai ter que olhar pra esse problema. Seria legal tb se você pudesse testar com o 3.5rc5 pra ver se o problema persiste. On 10/10/2014 09:07 AM, Marcelo Donato wrote:

Olá,

Estou tendo problemas para utilizar oVirt com IPA. Abaixo se encontram os Logs e comandos utilizados. Desde já agradeço por alguma sugestão.

********************************************************************* Ipa Server - 10.30.0.25 LSB Version: :base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch Distributor ID: CentOS Description: CentOS release 6.5 (Final) Release: 6.5 Codename: Final # rpm -qa | grep ipa ipa-server-3.0.0-37.el6.x86_64 ipa-pki-ca-theme-9.0.3-7.el6.noarch ipa-python-3.0.0-37.el6.x86_64 ipa-pki-common-theme-9.0.3-7.el6.noarch ipa-admintools-3.0.0-37.el6.x86_64 ipa-server-selinux-3.0.0-37.el6.x86_64 ipa-client-3.0.0-37.el6.x86_64

# dig _kerberos._tcp.din.uem.br <http://tcp.din.uem.br>

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> _kerberos._tcp.din.uem.br <http://tcp.din.uem.br> ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34293 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION: ;_kerberos._tcp.din.uem.br <http://tcp.din.uem.br>.INA

;; AUTHORITY SECTION: din.uem.br <http://din.uem.br>.3600INSOAns1.din.uem.br <http://ns1.din.uem.br>. root.din.uem.br <http://root.din.uem.br>. 2014100841 1800 900 60480 3600

;; Query time: 1 msec ;; SERVER: 186.233.152.33#53(186.233.152.33) ;; WHEN: Thu Oct 9 14:19:05 2014 ;; MSG SIZE rcvd: 88

# dig _ldap._tcp.din.uem.br <http://tcp.din.uem.br>

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> _ldap._tcp.din.uem.br <http://tcp.din.uem.br> ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21167 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION: ;_ldap._tcp.din.uem.br <http://tcp.din.uem.br>.INA

;; AUTHORITY SECTION: din.uem.br <http://din.uem.br>.3600INSOAns1.din.uem.br <http://ns1.din.uem.br>. root.din.uem.br <http://root.din.uem.br>. 2014100841 1800 900 60480 3600

;; Query time: 1 msec ;; SERVER: 186.233.152.33#53(186.233.152.33) ;; WHEN: Thu Oct 9 14:20:16 2014 ;; MSG SIZE rcvd: 84

/var/log/dirsrv/slapd-DIN-UEM-BR/access ------------------------------------------------------------------------------------------------------------------------- conn=3 op=210 SRCH base="dc=din,dc=uem,dc=br" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=admin@DIN.UEM.BR <mailto:admin@DIN.UEM.BR>))" attrs="krbPrincipalName krbCanonicalName ipaKrbPrincipalAlias krbUPEnabled k conn=3 op=210 RESULT err=0 tag=101 nentries=1 etime=0 conn=3 op=211 SRCH base="cn=DIN.UEM.BR <http://DIN.UEM.BR>,cn=kerberos,dc=din,dc=uem,dc=br" scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife krbMaxRenewableAge krbTicketFlags" conn=3 op=211 RESULT err=0 tag=101 nentries=1 etime=0 conn=3 op=212 SRCH base="dc=din,dc=uem,dc=br" scope=2 filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=krbtgt/DIN.UEM.BR@DIN.UEM.BR <mailto:DIN.UEM.BR@DIN.UEM.BR>)(krbPrincipalName=krbtgt/DIN.UEM conn=3 op=212 RESULT err=0 tag=101 nentries=1 etime=0 conn=3 op=213 SRCH base="cn=global_policy,cn=DIN.UEM.BR <http://DIN.UEM.BR>,cn=kerberos,dc=din,dc=uem,dc=br" scope=0 filter="(objectClass=*)" attrs="krbMaxPwdLife krbMinPwdLife krbPwdMinDiffChars krbPwdMinLength krbPwdHistoryLength krbPwdMaxFailure krbPwdF conn=3 op=213 RESULT err=0 tag=101 nentries=1 etime=0 conn=50 fd=66 slot=66 connection from 10.30.0.23 to 10.30.0.25 conn=50 op=-1 fd=66 closed error 34 (Numerical result out of range) - B2

/var/log/ovirt-engine/engine-manage-domains.log ------------------------------------------------------------------------------------------------------------------------- 2014-10-09 11:23:05,901 INFO [org.ovirt.engine.core.utils.LocalConfig] Loaded file "/usr/share/ovirt-engine/services/ovirt-engine/ovirt-engine.conf". 2014-10-09 11:23:05,903 INFO [org.ovirt.engine.core.utils.LocalConfig] The file "/etc/ovirt-engine/engine.conf" doesn't exist or isn't readable. Will return an empty set of properties. 2014-10-09 11:23:05,904 INFO [org.ovirt.engine.core.utils.LocalConfig] Loaded file "/etc/ovirt-engine/engine.conf.d/10-setup-database.conf". 2014-10-09 11:23:05,905 INFO [org.ovirt.engine.core.utils.LocalConfig] Loaded file "/etc/ovirt-engine/engine.conf.d/10-setup-jboss.conf". 2014-10-09 11:23:05,906 INFO [org.ovirt.engine.core.utils.LocalConfig] Loaded file "/etc/ovirt-engine/engine.conf.d/10-setup-pki.conf". 2014-10-09 11:23:05,907 INFO [org.ovirt.engine.core.utils.LocalConfig] Loaded file "/etc/ovirt-engine/engine.conf.d/10-setup-protocols.conf". 2014-10-09 11:23:05,908 INFO [org.ovirt.engine.core.utils.LocalConfig] Loaded file "/etc/ovirt-engine/engine.conf.d/20-ovirt-engine-reports.conf". 2014-10-09 11:23:05,909 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_AJP_ENABLED" is "true". 2014-10-09 11:23:05,909 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_AJP_PORT" is "8702". 2014-10-09 11:23:05,909 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_APPS" is "engine.ear "/var/lib/ovirt-engine-reports/ovirt-engine-reports.war"". 2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_CACHE" is "/var/cache/ovirt-engine". 2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_CHECK_INTERVAL" is "1000". 2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_CONNECTION_TIMEOUT" is "300000". 2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_DATABASE" is "engine". 2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_DRIVER" is "org.postgresql.Driver". 2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_HOST" is "localhost". 2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_MAX_CONNECTIONS" is "100". 2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_MIN_CONNECTIONS" is "1". 2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_PASSWORD" is "***". 2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_PORT" is "5432". 2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_SECURED" is "False". 2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_SECURED_VALIDATION" is "False". 2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_URL" is "jdbc:postgresql://localhost:5432/engine?sslfactory=org.postgresql.ssl.NonValidatingFactory". 2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DB_USER" is "engine". 2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DEBUG_ADDRESS" is "". 2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_DOC" is "/usr/share/doc/ovirt-engine". 2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_ETC" is "/etc/ovirt-engine". 2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_FQDN" is "ovirtm.din.uem.br <http://ovirtm.din.uem.br>". 2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_GROUP" is "ovirt". 2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_HEAP_MAX" is "1g". 2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_HEAP_MIN" is "1g". 2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_HTTPS_ENABLED" is "false". 2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_HTTPS_PORT" is "None". 2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_HTTPS_PROTOCOLS" is "SSLv3,TLSv1,TLSv1.1,TLSv1.2". 2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_HTTP_ENABLED" is "false". 2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_HTTP_PORT" is "None". 2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_JAVA_MODULEPATH" is "/usr/share/ovirt-engine/modules:/var/lib/ovirt-engine-reports/modules". 2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_JVM_ARGS" is " -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath="/var/log/ovirt-engine/dump"". 2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_LOG" is "/var/log/ovirt-engine". 2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_LOG_TO_CONSOLE" is "false". 2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_MANUAL" is "/usr/share/ovirt-engine/manual". 2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PERM_MAX" is "256m". 2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PERM_MIN" is "256m". 2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PKI" is "/etc/pki/ovirt-engine". 2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PKI_CA" is "/etc/pki/ovirt-engine/ca.pem". 2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PKI_ENGINE_CERT" is "/etc/pki/ovirt-engine/certs/engine.cer". 2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PKI_ENGINE_STORE" is "/etc/pki/ovirt-engine/keys/engine.p12". 2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PKI_ENGINE_STORE_ALIAS" is "1". 2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PKI_ENGINE_STORE_PASSWORD" is "***". 2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PKI_TRUST_STORE" is "/etc/pki/ovirt-engine/.truststore". 2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PKI_TRUST_STORE_PASSWORD" is "***". 2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PROPERTIES" is " jsse.enableSNIExtension=false". 2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PROXY_ENABLED" is "true". 2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PROXY_HTTPS_PORT" is "443". 2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_PROXY_HTTP_PORT" is "80". 2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_REPORTS_UI" is "/var/lib/ovirt-engine/reports.xml". 2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_STOP_INTERVAL" is "1". 2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_STOP_TIME" is "10". 2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_TMP" is "/var/tmp/ovirt-engine". 2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_UP_MARK" is "/var/lib/ovirt-engine/engine.up". 2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_URI" is "/ovirt-engine". 2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_USER" is "ovirt". 2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_USR" is "/usr/share/ovirt-engine". 2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_VAR" is "/var/lib/ovirt-engine". 2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "ENGINE_VERBOSE_GC" is "false". 2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "JBOSS_HOME" is "/usr/share/jboss-as". 2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig] Value of property "SENSITIVE_KEYS" is ",ENGINE_DB_PASSWORD,ENGINE_PKI_TRUST_STORE_PASSWORD,ENGINE_PKI_ENGINE_STORE_PASSWORD". 2014-10-09 11:23:39,328 INFO [org.ovirt.engine.core.domains.ManageDomains] Creating kerberos configuration for domain(s): din.uem.br <http://din.uem.br> 2014-10-09 11:23:39,357 INFO [org.ovirt.engine.core.domains.ManageDomains] Successfully created kerberos configuration for domain(s): din.uem.br <http://din.uem.br> 2014-10-09 11:23:39,357 INFO [org.ovirt.engine.core.domains.ManageDomains] Testing kerberos configuration for domain: din.uem.br <http://din.uem.br> 2014-10-09 11:23:39,572 ERROR [org.ovirt.engine.core.utils.kerberos.KerberosConfigCheck] Error: exception message: Cannot get a KDC reply 2014-10-09 11:23:39,577 ERROR [org.ovirt.engine.core.domains.ManageDomains] Failure while testing domain din.uem.br <http://din.uem.br>. Details: Kerberos error. Please check log for further details. ********************************************************************* oVirt Manager - 10.30.0.23 LSB Version: :base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch Distributor ID: CentOS Description: CentOS release 6.5 (Final) Release: 6.5 Codename: Final

# rpm -qa | grep -i ovirt

ovirt-engine-dwh-setup-3.4.0-2.el6.noarch ovirt-engine-dwh-3.4.0-2.el6.noarch ovirt-hosted-engine-ha-1.1.2-1.el6.noarch ovirt-engine-setup-plugin-websocket-proxy-3.4.0-1.el6.noarch ovirt-engine-cli-3.4.0.5-1.el6.noarch ovirt-engine-restapi-3.4.0-1.el6.noarch ovirt-engine-dbscripts-3.4.0-1.el6.noarch ovirt-release-11.2.0-1.noarch ovirt-engine-sdk-python-3.4.0.7-1.el6.noarch ovirt-host-deploy-1.2.0-1.el6.noarch ovirt-engine-reports-setup-3.4.0-2.el6.noarch ovirt-engine-lib-3.4.0-1.el6.noarch ovirt-engine-websocket-proxy-3.4.0-1.el6.noarch ovirt-log-collector-3.4.1-1.el6.noarch ovirt-engine-setup-plugin-ovirt-engine-common-3.4.0-1.el6.noarch ovirt-host-deploy-java-1.2.0-1.el6.noarch ovirt-engine-tools-3.4.0-1.el6.noarch ovirt-engine-userportal-3.4.0-1.el6.noarch ovirt-engine-setup-plugin-ovirt-engine-3.4.0-1.el6.noarch ovirt-engine-backend-3.4.0-1.el6.noarch ovirt-engine-reports-3.4.0-2.el6.noarch ovirt-engine-setup-base-3.4.0-1.el6.noarch ovirt-iso-uploader-3.4.0-1.el6.noarch ovirt-image-uploader-3.4.0-1.el6.noarch ovirt-engine-webadmin-portal-3.4.0-1.el6.noarch ovirt-engine-setup-3.4.0-1.el6.noarch ovirt-engine-3.4.0-1.el6.noarch

engine-manage-domains add --domain=din.uem.br <http://din.uem.br> --provider=ipa --user=admin Enter password: Error: exception message: Cannot get a KDC reply Failure while testing domain din.uem.br <http://din.uem.br>. Details: Kerberos error. Please check log for further details.

At. Donato.

-- Ao encaminhar esta mensagem, por favor: 1. Apague o meu e-mail e o meu nome. 2. Apague também os endereços dos amigos antes de reenviar 3. Use Cco ou Bcc para enviar mensagens! Dificulte a disseminação de vírus e spam.

_______________________________________________ Users-pt mailing list Users-pt@ovirt.org http://lists.ovirt.org/mailman/listinfo/users-pt