[Users] Login Error using AD domain
Jeff Clay
jeffclay at gmail.com
Mon Apr 7 21:09:23 UTC 2014
This was working fine, now I get the error below in engine.log when I try
to log in. The clock times are the same. I even changed the time service on
the domain controller to use the same NTP source as the engine server. I
have rebooted the domain controller to make sure that all settings were
applied, but I still get this error. I can log into our other AD domain
without issue, the problem is just with this particular domain.
2014-04-07 16:05:07,453 ERROR
[org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy]
(ajp--127.0.0.1-8702-7) Kerberos error: Clock skew too great (37)
2014-04-07 16:05:07,454 ERROR
[org.ovirt.engine.core.bll.adbroker.GSSAPIDirContextAuthenticationStrategy]
(ajp--127.0.0.1-8702-7) Authentication Failed. The Engine clock is not
synchronized with directory services (must be within 5 minutes difference).
Please verify the clocks are synchronized
2014-04-07 16:05:07,456 ERROR
[org.ovirt.engine.core.bll.adbroker.DirectorySearcher]
(ajp--127.0.0.1-8702-7) Failed ldap search server ldap://par-dc1:389 using
user jclay at CORPORATE.WELLSCO.NET due to Authentication Failed. The Engine
clock is not synchronized with directory services (must be within 5 minutes
difference). Please verify the clocks are synchronized. We should try the
next server
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20140407/4a74fe0c/attachment-0001.html>
More information about the Users
mailing list