[Users] oVirt and IPA

Jakub Bittner j.bittner at nbu.cz
Wed Nov 6 18:12:46 UTC 2013


Dne 6.11.2013 19:04, Jim Kinney napsal(a):
> Be sure to have a mirror IPA server _NOT_on the same ovirt host AND 
> you need to be using at least 2 DNS servers AND they both must be able 
> to point kerberos lookups to all IPA servers. I have my main IPA 
> server as a vm and a secondary on a physical system I run backups from.
>
>
>
>
> On Wed, Nov 6, 2013 at 12:49 PM, Jakub Bittner <j.bittner at nbu.cz 
> <mailto:j.bittner at nbu.cz>> wrote:
>
>     Hi,
>
>     I found an issue with IPA (and DNS) and oVirt. If I have hosted
>     IPA server in ovirt and have enabled login thru IPA to oVirt and I
>     stop IPA VM, I can not do anything in oVirt. I can not even log in
>     to oVirt, because login dialog is grayed out (I think it waits on
>     reaching IPA server). Of course I use IPA as primary DNS server
>     for oVirt. After some time oVirt lets me input local admin
>     credentials and waits on something.
>
>     I have more ipa servers, so I think login authentication should
>     fall back to another IPA server, but it does not.
>     _______________________________________________
>     Users mailing list
>     Users at ovirt.org <mailto:Users at ovirt.org>
>     http://lists.ovirt.org/mailman/listinfo/users
>
>
>
>
> -- 
> -- 
> James P. Kinney III
> ////
> ////Every time you stop a school, you will have to build a jail. What 
> you gain at one end you lose at the other. It's like feeding a dog on 
> his own tail. It won't fatten the dog.
> - Speech 11/23/1900 Mark Twain
> ////
> http://heretothereideas.blogspot.com/
> ////

I have more IPA servers, but it does not fail over to second IPA server. 
Next server was online and reachable. Maybe problem is that oVirt 
authentication system has only one IPA server, but the question is how 
to add another one or where to look on config files.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131106/dff23ff7/attachment-0001.html>


More information about the Users mailing list