On Mon, 2012-04-09 at 14:10 -0400, Oved Ourfalli wrote:
----- Original Message -----
From: "Oved Ourfalli" <ovedo@redhat.com> To: "Sharad Mishra" <snmishra@linux.vnet.ibm.com> Cc: users@ovirt.org Sent: Monday, April 9, 2012 8:36:49 PM Subject: Re: [Users] Testing LDAP support.
----- Original Message -----
From: "Sharad Mishra" <snmishra@linux.vnet.ibm.com> To: users@ovirt.org Sent: Monday, April 9, 2012 8:19:23 PM Subject: [Users] Testing LDAP support.
Hi,
I was able to successfully test simple authentication support of IBM Directory Server (IDS) in ovirt. Next step is to test "DIGEST-MD5" support. This protocol is currently supported by my test IDS. But I get -
javax.naming.CommunicationException: [LDAP: error code 2 - Protocol Error]
When a call is made to construct InitialDirContext with following settings -
{java.naming.provider.url=ldap://ldapserver.ibm.com:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=uid=1234567,c=us,ou=ldapserver,o=ibm.com, java.naming.security.authentication=DIGEST-MD5 GSSAPI, java.naming.security.credentials=password, java.naming.referral=follow, java.naming.ldap.attributes.binary=objectGUID}
Can you also attach the jboss log and engine log? (assuming you are testing it in the ovirt-engine environment). They can be helpful, as it might be related to some class loading issue or something similar, and the log might shed light on that.
there is nothing much in jboss and engine logs. 2012-04-09 10:03:19,203 INFO [org.ovirt.engine.core.bll.DbUserCacheManager] (QuartzScheduler_Worker-56) DbUserCacheManager::refreshAllUserData() - entered 2012-04-09 11:03:19,205 INFO [org.ovirt.engine.core.bll.DbUserCacheManager] (QuartzScheduler_Worker-11) DbUserCacheManager::refreshAllUserData() - entered 2012-04-09 12:03:19,207 INFO [org.ovirt.engine.core.bll.DbUserCacheManager] (QuartzScheduler_Worker-84) DbUserCacheManager::refreshAllUserData() - entered Output of both, server.log and engine.log for this time period looks exactly same. Do I need to enable more logging? -Sharad
Do you know what could be going wrong here? I think its something wrong with my usage and not in code.
What test cases were run to verify RedHat DS support? I can try to run the same for IBM DS before posting the patch.
Hard to tell what went wrong there. I'll try to take a look a bit on the web (as I assume you did but I guess it can't hurt). As for RHDS, most tests were done manually:
* Adding users/groups * Authentication * Group membership * Adding / removing / editing RHDS domain with the engine-manage-domains utility. * Refresh users/groups. * Search for users/groups That's basically the main scenarios. We have an LdapTester as well. The problem there was to setup the environment needed for the testing. It contains test cases for AD/IPA.
Oved
Thanks Sharad Mishra IBM
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users