[Users] tool engine-manage-domains

Yair Zaslavsky yzaslavs at redhat.com
Wed Dec 5 21:31:10 EST 2012


----- Original Message -----

> From: "victor nunes" <victor.rebli at gmail.com>
> To: "Yair Zaslavsky" <yzaslavs at redhat.com>
> Cc: users at ovirt.org, "Itamar Heim" <iheim at redhat.com>
> Sent: Thursday, December 6, 2012 2:14:49 AM
> Subject: Re: [Users] tool engine-manage-domains

> Hello,

> I'm going to do all these tests, but a question.

> I need to configure Kerberos on the server LDAP?

> Att,
Yes. 

> 2012/12/4 Yair Zaslavsky < yzaslavs at redhat.com >

> > Hi,
> 
> > Several things -
> 
> > a. I think logging at this point should be improved
> 
> > b. Since the log is not informative enough, please try the
> > following:
> 
> > 1. Check that your credentials are correct
> 
> > 2. Check you have no clock skew issue (the time difference between
> > the machine running manage-domains and your ldap server should be
> > less or equal to 5 minutes).
> 
> > 3. Connection refused so there is some connectivity issue -
> 
> > please query your ldap SRV records for the domain (IMHO dig SRV
> > _ldap._tcp. viperde.com.br should do the trick)
> 
> > please try to connect to these ldap servers manually -
> 

> > For example, if the returned host from the dig SRV query is
> 
> > aaa.viperde.com.br
> 

> > perform:
> 
> > telnet aaa.viperde.com.br 389
> 

> > Turns out that I did not have telnet installed on my fc17 machine -
> 
> > I used yum install telnet to install it.
> 

> > Kind regards,
> 

> > Yair
> 

> > > From: "victor nunes" < victor.rebli at gmail.com >
> > 
> 
> > > To: "Itamar Heim" < iheim at redhat.com >
> > 
> 
> > > Cc: "Yair Zaslavsky" < yzaslavs at redhat.com >, users at ovirt.org
> > 
> 
> > > Sent: Tuesday, December 4, 2012 3:28:56 AM
> > 
> 
> > > Subject: Re: [Users] tool engine-manage-domains
> > 
> 

> > > Thanks for the reply.
> > 
> 

> > > I do not have another machine to the power configuar FreeIPA.
> > 
> 

> > > I have a machine, I do not have access, which is an LDAP server
> > > installed on it.
> > 
> 
> > > I configured a machine that is oVirt-manage as ldap client, I
> > > configured the dns, but in time to include the domain happens the
> > > following error:
> > 
> 

> > > Error: exception message: Connection refused
> > 
> 
> > > Failure while testing domain viprede.com.br . Details: Kerberos
> > > error. Please check log for further Top details.
> > 
> 

> > > in the logs, I have the following lines:
> > 
> 

> > > 03/12/2012 20:25:26,390 INFO
> > > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating
> > > kerberos configuration for domain (s): viprede.com.br
> > 
> 
> > > 03/12/2012 20:25:26,422 INFO
> > > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Successfully
> > > created kerberos configuration for domain (s): viprede.com.br
> > 
> 
> > > 03/12/2012 20:25:26,422 INFO
> > > [org.ovirt.engine.core.utils.kerberos.ManageDomains] Testing
> > > kerberos configuration for domain: viprede.com.br .
> > 
> 

> > > So what could be this error?
> > 
> 

> > > 2012/11/29 Itamar Heim < iheim at redhat.com >
> > 
> 

> > > > On 11/29/2012 05:58 AM, victor nunes wrote:
> > > 
> > 
> 

> > > > > 2012/11/29 Yair Zaslavsky < yzaslavs at redhat.com <mailto:
> > > > > yzaslavs at redhat.com >>
> > > > 
> > > 
> > 
> 

> > > > > Hi,
> > > > 
> > > 
> > 
> 
> > > > > Can you redirect your question to users at ovirt.org
> > > > 
> > > 
> > 
> 
> > > > > <mailto: users at ovirt.org >?
> > > > 
> > > 
> > 
> 

> > > > > I think others will help you to forward your question to
> > > > > relevant
> > > > 
> > > 
> > 
> 
> > > > > people here (not sure I can provide a good answer).
> > > > 
> > > 
> > 
> 

> > > > > On 11/29/2012 03:26 AM, victor nunes wrote:
> > > > 
> > > 
> > 
> 

> > > > > So I'm trying to install FreeIPA on the same machine that
> > > > 
> > > 
> > 
> 
> > > > > oVirt-manage,
> > > > 
> > > 
> > 
> 
> > > > > but at the time of installation, the following error occurs:
> > > > 
> > > 
> > 
> 

> > > > > FreeIPA-server conflicts with 1: mod_ssl-2.2.22-4.fc17.x86_64
> > > > 
> > > 
> > 
> 

> > > > > Looking for a solution to the problem, I discovered that this
> > > > > is
> > > > 
> > > 
> > 
> 
> > > > > a bug
> > > > 
> > > 
> > 
> 
> > > > > reported by others.
> > > > 
> > > 
> > 
> 

> > > > > Follow the link to the bug reported:
> > > > 
> > > 
> > 
> 
> > > > > https://bugzilla.redhat.com/__ show_bug.cgi?id=840098
> > > > 
> > > 
> > 
> 

> > > > > < https://bugzilla.redhat.com/ show_bug.cgi?id=840098 >
> > > > 
> > > 
> > 
> 

> > > > > Then, using oo FreeIPA not be possible, which otherwise I
> > > > > have
> > > > 
> > > 
> > 
> 
> > > > > to add
> > > > 
> > > 
> > 
> 
> > > > > new domains and users?
> > > > 
> > > 
> > 
> 

> > > > > Em 8 de novembro de 2012 02:41, Yair Zaslavsky
> > > > 
> > > 
> > 
> 
> > > > > < yzaslavs at redhat.com <mailto: yzaslavs at redhat.com >
> > > > 
> > > 
> > 
> 
> > > > > <mailto: yzaslavs at redhat.com <mailto: yzaslavs at redhat.com >>>
> > > > > escreveu:
> > > > 
> > > 
> > 
> 

> > > > > Hi,
> > > > 
> > > 
> > 
> 
> > > > > You cannot create new users for the internal domain.
> > > > 
> > > 
> > 
> 
> > > > > The internal domain was developed for quick POC, just to
> > > > 
> > > 
> > 
> 
> > > > > allow login
> > > > 
> > > 
> > 
> 
> > > > > to the system without the need for ldap provider.
> > > > 
> > > 
> > 
> 
> > > > > I recommend you install some ldap server (i.e - free IPA)
> > > > 
> > > 
> > 
> 
> > > > > and try to
> > > > 
> > > 
> > 
> 
> > > > > work with it.
> > > > 
> > > 
> > 
> 

> > > > > On 11/08/2012 01:08 AM, victor nunes wrote:
> > > > 
> > > 
> > 
> 

> > > > > Sorry.
> > > > 
> > > 
> > 
> 

> > > > > Att,
> > > > 
> > > 
> > 
> 

> > > > > 2012/11/7 victor nunes < victor.rebli at gmail.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com >
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com >__>
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com > <mailto:
> > > > > victor.rebli at gmail.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com >__>__>>
> > > > 
> > > 
> > 
> 

> > > > > Thanks for the reply.
> > > > 
> > > 
> > 
> 

> > > > > As the command "engine-manage-domains" works with
> > > > 
> > > 
> > 
> 
> > > > > ldap, how
> > > > 
> > > 
> > 
> 
> > > > > can I
> > > > 
> > > 
> > 
> 
> > > > > create another user in the field "internal", and user
> > > > 
> > > 
> > 
> 
> > > > > "admin" that
> > > > 
> > > 
> > 
> 
> > > > > is created when you installed the engine-setup?
> > > > 
> > > 
> > 
> 

> > > > > 2012/11/4 Yair Zaslavsky < yzaslavs at redhat.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: yzaslavs at redhat.com >
> > > > 
> > > 
> > 
> 
> > > > > <mailto: yzaslavs at redhat.com <mailto: yzaslavs at redhat.com >>
> > > > 
> > > 
> > 
> 
> > > > > <mailto: yzaslavs at redhat.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: yzaslavs at redhat.com > <mailto: yzaslavs at redhat.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: yzaslavs at redhat.com >>> >
> > > > 
> > > 
> > 
> 

> > > > > Hi,
> > > > 
> > > 
> > 
> 
> > > > > The specified tool handle only ldap domains,
> > > > 
> > > 
> > 
> 
> > > > > and not the
> > > > 
> > > 
> > 
> 
> > > > > internal domain.
> > > > 
> > > 
> > 
> 
> > > > > What would you like to change at the internal
> > > > 
> > > 
> > 
> 
> > > > > domain?
> > > > 
> > > 
> > 
> 
> > > > > I suggest you try to use engine-config for this.
> > > > 
> > > 
> > 
> 

> > > > > ------------------------------ ____--------------------------
> > > > > --__--__------------
> > > > 
> > > 
> > 
> 

> > > > > *From: *"victor nunes"
> > > > 
> > > 
> > 
> 
> > > > > < victor.rebli at gmail.com <mailto: victor.rebli at gmail.com >
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com >__>
> > > > 
> > > 
> > 
> 

> > > > > <mailto: victor.rebli at gmail.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com >
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com
> > > > 
> > > 
> > 
> 
> > > > > <mailto: victor.rebli at gmail.com >__>__>>
> > > > 
> > > 
> > 
> 

> > > > > *To: * users at ovirt.org
> > > > 
> > > 
> > 
> 
> > > > > <mailto: users at ovirt.org > <mailto: users at ovirt.org
> > > > 
> > > 
> > 
> 
> > > > > <mailto: users at ovirt.org >>
> > > > 
> > > 
> > 
> 
> > > > > <mailto: users at ovirt.org <mailto: users at ovirt.org >
> > > > 
> > > 
> > 
> 
> > > > > <mailto: users at ovirt.org <mailto: users at ovirt.org >>>
> > > > 
> > > 
> > 
> 

> > > > > *Sent: *Sunday, November 4, 2012 12:18:55 AM
> > > > 
> > > 
> > 
> 
> > > > > *Subject: *[Users] tool engine-manage-domains
> > > > 
> > > 
> > 
> 

> > > > > I'm trying to change the default domain, the
> > > > 
> > > 
> > 
> 
> > > > > "internal" with
> > > > 
> > > 
> > 
> 
> > > > > the following command:
> > > > 
> > > 
> > 
> 

> > > > > engine-manage-domains -action=edit
> > > > 
> > > 
> > 
> 
> > > > > -domain=internal
> > > > 
> > > 
> > 
> 

> > > > > However, i am getting the following message:
> > > > 
> > > 
> > 
> 

> > > > > "Domain internal doesn't exist int the
> > > > 
> > > 
> > 
> 
> > > > > configuration"
> > > > 
> > > 
> > 
> 

> > > > > This is my domain admin user that is
> > > > 
> > > 
> > 
> 
> > > > > configured in the
> > > > 
> > > 
> > 
> 
> > > > > installation ovirt-setup.
> > > > 
> > > 
> > 
> 

> > > > > So, how can i fix it to include a user in
> > > > 
> > > 
> > 
> 
> > > > > this domain?
> > > > 
> > > 
> > 
> 

> > > > > Att,
> > > > 
> > > 
> > 
> 

> > > > > --
> > > > 
> > > 
> > 
> 
> > > > > “Encarada do ponto de vista da juventude,
> > > > 
> > > 
> > 
> 
> > > > > a vida
> > > > 
> > > 
> > 
> 
> > > > > parece um
> > > > 
> > > 
> > 
> 
> > > > > futuro
> > > > 
> > > 
> > 
> 
> > > > > indefinidamente longo, ao passo que, na
> > > > 
> > > 
> > 
> 
> > > > > velhice,
> > > > 
> > > 
> > 
> 
> > > > > ela parece
> > > > 
> > > 
> > 
> 
> > > > > um passado
> > > > 
> > > 
> > 
> 
> > > > > deveras curto. Assim, a vida no seu início se
> > > > 
> > > 
> > 
> 
> > > > > apresenta do
> > > > 
> > > 
> > 
> 
> > > > > mesmo modo
> > > > 
> > > 
> > 
> 
> > > > > que as coisas quando as olhamos através de um
> > > > 
> > > 
> > 
> 
> > > > > binóculo usado
> > > > 
> > > 
> > 
> 
> > > > > ao contrário; mas, ao
> > > > 
> > > 
> > 
> 
> > > > > seu final, ela se parece com as coisas
> > > > 
> > > 
> > 
> 
> > > > > tal qual
> > > > 
> > > 
> > 
> 
> > > > > são vistas
> > > > 
> > > 
> > 
> 
> > > > > quando o binóculo
> > > > 
> > > 
> > 
> 
> > > > > é usado de modo normal. Um homem precisa ter
> > > > 
> > > 
> > 
> 
> > > > > envelhecido e
> > > > 
> > > 
> > 
> 
> > > > > vivido
> > > > 
> > > 
> > 
> 
> > > > > bastante para perceber como a vida é curta”.
> > > > 
> > > 
> > 
> 

> > > > > (Poema de Arthur Schopenhauer)
> > > > 
> > > 
> > 
> 

> > > > > ______________________________ _____________________
> > > > 
> > > 
> > 
> 

> > > > > Users mailing list
> > > > 
> > > 
> > 
> 
> > > > > Users at ovirt.org <mailto: Users at ovirt.org > <mailto:
> > > > > Users at ovirt.org
> > > > 
> > > 
> > 
> 
> > > > > <mailto: Users at ovirt.org >> <mailto: Users at ovirt.org
> > > > 
> > > 
> > 
> 
> > > > > <mailto: Users at ovirt.org >
> > > > 
> > > 
> > 
> 
> > > > > <mailto: Users at ovirt.org <mailto: Users at ovirt.org >>>
> > > > 
> > > 
> > 
> 

> > > > > http://lists.ovirt.org/____ mailman/listinfo/users
> > > > 
> > > 
> > 
> 
> > > > > < http://lists.ovirt.org/__ mailman/listinfo/users >
> > > > 
> > > 
> > 
> 

> > > > > < http://lists.ovirt.org/__ mailman/listinfo/users
> > > > 
> > > 
> > 
> 
> > > > > < http://lists.ovirt.org/ mailman/listinfo/users >>
> > > > 
> > > 
> > 
> 

> > > > > --
> > > > 
> > > 
> > 
> 
> > > > > “Encarada do ponto de vista da juventude, a vida
> > > > 
> > > 
> > 
> 
> > > > > parece um
> > > > 
> > > 
> > 
> 
> > > > > futuro
> > > > 
> > > 
> > 
> 
> > > > > indefinidamente longo, ao passo que, na velhice,
> > > > 
> > > 
> > 
> 
> > > > > ela parece
> > > > 
> > > 
> > 
> 
> > > > > um passado
> > > > 
> > > 
> > 
> 
> > > > > deveras curto. Assim, a vida no seu início se
> > > > 
> > > 
> > 
> 
> > > > > apresenta do
> > > > 
> > > 
> > 
> 
> > > > > mesmo modo
> > > > 
> > > 
> > 
> 
> > > > > que as coisas quando as olhamos através de um
> > > > 
> > > 
> > 
> 
> > > > > binóculo usado ao
> > > > 
> > > 
> > 
> 
> > > > > contrário; mas, ao
> > > > 
> > > 
> > 
> 
> > > > > seu final, ela se parece com as coisas tal qual
> > > > 
> > > 
> > 
> 
> > > > > são vistas
> > > > 
> > > 
> > 
> 
> > > > > quando o
> > > > 
> > > 
> > 
> 
> > > > > binóculo
> > > > 
> > > 
> > 
> 
> > > > > é usado de modo normal. Um homem precisa ter
> > > > 
> > > 
> > 
> 
> > > > > envelhecido e
> > > > 
> > > 
> > 
> 
> > > > > vivido
> > > > 
> > > 
> > 
> 
> > > > > bastante para perceber como a vida é curta”.
> > > > 
> > > 
> > 
> 

> > > > > (Poema de Arthur Schopenhauer)
> > > > 
> > > 
> > 
> 

> > > > > --
> > > > 
> > > 
> > 
> 
> > > > > “Encarada do ponto de vista da juventude, a vida parece
> > > > 
> > > 
> > 
> 
> > > > > um futuro
> > > > 
> > > 
> > 
> 
> > > > > indefinidamente longo, ao passo que, na velhice, ela
> > > > 
> > > 
> > 
> 
> > > > > parece um
> > > > 
> > > 
> > 
> 
> > > > > passado
> > > > 
> > > 
> > 
> 
> > > > > deveras curto. Assim, a vida no seu início se apresenta
> > > > 
> > > 
> > 
> 
> > > > > do mesmo
> > > > 
> > > 
> > 
> 
> > > > > modo
> > > > 
> > > 
> > 
> 
> > > > > que as coisas quando as olhamos através de um binóculo
> > > > 
> > > 
> > 
> 
> > > > > usado ao
> > > > 
> > > 
> > 
> 
> > > > > contrário; mas, ao
> > > > 
> > > 
> > 
> 
> > > > > seu final, ela se parece com as coisas tal qual são
> > > > 
> > > 
> > 
> 
> > > > > vistas quando o
> > > > 
> > > 
> > 
> 
> > > > > binóculo
> > > > 
> > > 
> > 
> 
> > > > > é usado de modo normal. Um homem precisa ter
> > > > 
> > > 
> > 
> 
> > > > > envelhecido e vivido
> > > > 
> > > 
> > 
> 
> > > > > bastante para perceber como a vida é curta”.
> > > > 
> > > 
> > 
> 

> > > > > (Poema de Arthur Schopenhauer)
> > > > 
> > > 
> > 
> 

> > > > > --
> > > > 
> > > 
> > 
> 
> > > > > “Encarada do ponto de vista da juventude, a vida parece um
> > > > > futuro
> > > > 
> > > 
> > 
> 
> > > > > indefinidamente longo, ao passo que, na velhice, ela parece
> > > > > um
> > > > 
> > > 
> > 
> 
> > > > > passado
> > > > 
> > > 
> > 
> 
> > > > > deveras curto. Assim, a vida no seu início se apresenta do
> > > > > mesmo
> > > > 
> > > 
> > 
> 
> > > > > modo
> > > > 
> > > 
> > 
> 
> > > > > que as coisas quando as olhamos através de um binóculo usado
> > > > > ao
> > > > 
> > > 
> > 
> 
> > > > > contrário; mas, ao
> > > > 
> > > 
> > 
> 
> > > > > seu final, ela se parece com as coisas tal qual são vistas
> > > > > quando
> > > > > o
> > > > 
> > > 
> > 
> 
> > > > > binóculo
> > > > 
> > > 
> > 
> 
> > > > > é usado de modo normal. Um homem precisa ter envelhecido e
> > > > > vivido
> > > > 
> > > 
> > 
> 
> > > > > bastante para perceber como a vida é curta”.
> > > > 
> > > 
> > 
> 

> > > > > (Poema de Arthur Schopenhauer)
> > > > 
> > > 
> > 
> 

> > > > > --
> > > > 
> > > 
> > 
> 
> > > > > “Encarada do ponto de vista da juventude, a vida parece um
> > > > > futuro
> > > > 
> > > 
> > 
> 
> > > > > indefinidamente longo, ao passo que, na velhice, ela parece
> > > > > um
> > > > > passado
> > > > 
> > > 
> > 
> 
> > > > > deveras curto. Assim, a vida no seu início se apresenta do
> > > > > mesmo
> > > > > modo
> > > > 
> > > 
> > 
> 
> > > > > que as coisas quando as olhamos através de um binóculo usado
> > > > > ao
> > > > 
> > > 
> > 
> 
> > > > > contrário; mas, ao
> > > > 
> > > 
> > 
> 
> > > > > seu final, ela se parece com as coisas tal qual são vistas
> > > > > quando
> > > > > o
> > > > 
> > > 
> > 
> 
> > > > > binóculo
> > > > 
> > > 
> > 
> 
> > > > > é usado de modo normal. Um homem precisa ter envelhecido e
> > > > > vivido
> > > > 
> > > 
> > 
> 
> > > > > bastante para perceber como a vida é curta”.
> > > > 
> > > 
> > 
> 

> > > > > (Poema de Arthur Schopenhauer)
> > > > 
> > > 
> > 
> 

> > > > > ______________________________ _________________
> > > > 
> > > 
> > 
> 
> > > > > Users mailing list
> > > > 
> > > 
> > 
> 
> > > > > Users at ovirt.org
> > > > 
> > > 
> > 
> 
> > > > > http://lists.ovirt.org/ mailman/listinfo/users
> > > > 
> > > 
> > 
> 

> > > > there are three issues with installing freeipa on same machine
> > > > as
> > > > ovirt:
> > > 
> > 
> 
> > > > 1. the mod_ssl, which is solvable, but requires some work on
> > > > our
> > > > side.
> > > 
> > 
> 
> > > > 2. we faced some upgrade issues around this use case, though
> > > > non
> > > > are
> > > > relevant right now iirc.
> > > 
> > 
> 
> > > > 3. freeipa will override the default apache homepage
> > > > redirection
> > > > ovirt placed.
> > > 
> > 
> 

> > > > have you considered running freeipa in a guest? you can still
> > > > use
> > > > admin at internal for issues with that guest if needed.
> > > 
> > 
> 

> > > --
> > 
> 
> > > “Encarada do ponto de vista da juventude, a vida parece um futuro
> > 
> 
> > > indefinidamente longo, ao passo que, na velhice, ela parece um
> > > passado
> > 
> 
> > > deveras curto. Assim, a vida no seu início se apresenta do mesmo
> > > modo
> > 
> 
> > > que as coisas quando as olhamos através de um binóculo usado ao
> > > contrário; mas, ao
> > 
> 
> > > seu final, ela se parece com as coisas tal qual são vistas quando
> > > o
> > > binóculo
> > 
> 
> > > é usado de modo normal. Um homem precisa ter envelhecido e vivido
> > 
> 
> > > bastante para perceber como a vida é curta”.
> > 
> 

> > > (Poema de Arthur Schopenhauer)
> > 
> 

> --
> “Encarada do ponto de vista da juventude, a vida parece um futuro
> indefinidamente longo, ao passo que, na velhice, ela parece um
> passado
> deveras curto. Assim, a vida no seu início se apresenta do mesmo modo
> que as coisas quando as olhamos através de um binóculo usado ao
> contrário; mas, ao
> seu final, ela se parece com as coisas tal qual são vistas quando o
> binóculo
> é usado de modo normal. Um homem precisa ter envelhecido e vivido
> bastante para perceber como a vida é curta”.

> (Poema de Arthur Schopenhauer)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20121205/f5fb4ae3/attachment-0002.html>


More information about the Users mailing list