[Users] webadmin login issues with AD

Keith Mitchell kamitch at cisco.com
Sun Mar 3 04:41:01 UTC 2013 

On 3/2/13 2:51 PM, Itamar Heim wrote:
> On 01/03/2013 18:54, Keith Mitchell wrote:
>>
>> I'm trying to get rhevm 3.1 (which seems to be pretty much ovirt 3.1
>> from what I can tell) authenticating against our active directory
>> infrastructure bu am having some difficulty that I don't quite
>> understand and was hoping someone may know what is happening.
>>
>> The server where rhevm/ovirt is running is a RHEL6 based server that has
>> NIS configured (with user home directories mounted via
>> nfs/automounter).  The userids in nis match the userids in our
>> ActiveDirectory server (in fact the passwords should match too since
>> there is a sync between the two).
>>
>> I added the Activedirectory server into ovirt (through
>> rhevm-manage-domains) and it is added/validated successfully. As the
>> local admin user I can go in and search agains the active directory, add
>> permissions, etc.
>>
>> But... If I try to log into the webadmin/user portals with one of the
>> active directory accounts it seems to hang... and I noticed that it
>> seems to be trying to mount the home directory of a bunch of users via
>> the automounter (perhaps its trying to mount everyones home directory...
>> can't tell).  This takes a super long time since the home directories
>> are all across the world and nfs access to some of these filesystems is
>> really slow... i'm not sure it will ever complete... certainly not
>> before the user gives up.
>>
>> Anyone know what would cause this?  I wouldn't think this should
>> happen.  I was thinking it should just authenticate the password and
>> then look at the permissions granted inside overt/rhevm.
>
> there is no need for the engine (rhev) machine to be part of the AD 
> domain for AD authentication to work, and i don't see why this should 
> happen.
> yair/juan - thoughts?
>
Turns out the home directory mounting thing had nothing to do with my 
login issues or ovirt... The home directory issue was due to an issue 
with mod_dnssd (part of apache) in RHEL6.

But even after fixing that, I still have login issues.  Whenever I try 
to authenticate against active directory the webadmin/user gui seems to 
hang.  I've looked at the network trace and it looks like the active 
directory authentication succeeded without issue, but the login screen 
just hangs.

I can log in with the local admin user fine and I don't see anything in 
the engine.log files.  Perhaps there may be some debug I can turn on to 
help identify what it is doing?

More information about the Users mailing list