[ovirt-users] Adding domain to oVirt to 3.5 issue
Alon Bar-Lev
alonbl at redhat.com
Tue Dec 2 14:46:28 UTC 2014
----- Original Message -----
> From: "Juan Jose" <jj197005 at gmail.com>
> To: "Alon Bar-Lev" <alonbl at redhat.com>
> Cc: "Ondra Machacek" <omachace at redhat.com>, "Yair Zaslavsky" <yzaslavs at redhat.com>, users at ovirt.org
> Sent: Tuesday, December 2, 2014 3:48:54 PM
> Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue
>
> Hello Alon and everybody,
>
> I have installed package ovirt-engine-extension-aaa-ldap and configure my
> files as the documentation says. The files are:
>
> /etc/ovirt-engine/extensions.d/siee.local-authn.properties:
>
> ovirt.engine.extension.name = siee.local-authn
> ovirt.engine.extension.bindings.method = jbossmodule
> ovirt.engine.extension.binding.jbossmodule.module =
> org.ovirt.engine-extensions.aaa.ldap
> ovirt.engine.extension.binding.jbossmodule.class =
> org.ovirt.engineextensions.aaa.ldap.AuthnExtension
> ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
> ovirt.engine.aaa.authn.profile.name = siee.local
> ovirt.engine.aaa.authn.authz.plugin = siee.local-authz
> config.profile.file.1 = aaa/siee.local.properties
please use absolute file name for 3.5.0 relative will be available in 3.5.1
>
> /etc/ovirt-engine/extensions.d/siee.local-authz.properties:
>
> ovirt.engine.extension.name = siee.local-authz
> ovirt.engine.extension.bindings.method = jbossmodule
> ovirt.engine.extension.binding.jbossmodule.module =
> org.ovirt.engine-extensions.aaa.ldap
> ovirt.engine.extension.binding.jbossmodule.class =
> org.ovirt.engineextensions.aaa.ldap.AuthzExtension
> ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
> config.profile.file.1 = aaa/siee.local.properties
please use absolute file name for 3.5.0 relative will be available in 3.5.1
>
> /etc/ovirt-engine/extensions.d/aaa/siee.local.properties:
>
> include = <ad.properties>
>
> #
> # Active directory domain name.
> #
> vars.domain = siee.local
>
> #
> # Search user and its password.
> #
> vars.user = juanjo@${global:vars.domain}
> vars.password = xxxxxxxx
this should be dedicate user for search not your private user.
>
> #
> # Optional DNS servers, if enterprise
> # DNS server cannot resolve the domain srvrecord.
> #
> #vars.dns = dns://dc1.${global:vars.domain} dns://dc2.${global:vars.domain}
>
> pool.default.serverset.type = srvrecord
> pool.default.serverset.srvrecord.domain = ${global:vars.domain}
> pool.default.auth.simple.bindDN = ${global:vars.user}
> pool.default.auth.simple.password = ${global:vars.password}
>
> # Uncomment if using custom DNS
> #pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url
> = ${global:vars.dns}
> #pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
>
> # Create keystore, import certificate chain and uncomment
> # if using ssl/tls.
> #pool.default.ssl.startTLS = true
> #pool.default.ssl.truststore.file =
> ${local:_basedir}/${global:vars.domain}.jks
> #pool.default.ssl.truststore.password = changeit
>
> And after this configuration I restart ovirt-engine service. When I try to
> login in administrator portal I can see the error "The user name or
> password is incorrect.". In /var/log/ovirt-engine/engine.log I have the
> errors:
>
> 2014-12-02 14:02:21,983 ERROR
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-8) Correlation ID: null, Call Stack: null, Custom
> Event ID: -1, Message: User juanjo cannot login, please verify the username
> and password.
> 2014-12-02 14:02:21,991 ERROR
> [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
> (ajp--127.0.0.1-8702-8) Correlation ID: null, Call Stack: null, Custom
> Event ID: -1, Message: User juanjo failed to log in.
>
> I'm using correct user and password becuase I can login in a Windows client
> machine which is inside siee.local domain with this user and its correct
> password.
>
> What do you think it could be the problem?
>
> If you need more information or I have to configure any other parameters,
> please tell me.
please attach full engine.log, more correctly, stop engine, remove engine.log start engine, try to login and send log.
please make sure you select the "siee.local" domain in dropdown of login screen.
when I get the engine.log I will be able to understand who to progress.
thanks!
>
> Many thanks in advanced,
>
> Juanjo.
>
>
>
> On Wed, Nov 26, 2014 at 3:19 PM, Alon Bar-Lev <alonbl at redhat.com> wrote:
>
> >
> >
> > ----- Original Message -----
> > > From: "Juan Jose" <jj197005 at gmail.com>
> > > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > > Cc: "Ondra Machacek" <omachace at redhat.com>, "Yair Zaslavsky" <
> > yzaslavs at redhat.com>, users at ovirt.org
> > > Sent: Wednesday, November 26, 2014 3:04:14 PM
> > > Subject: Re: [ovirt-users] Adding domain to oVirt to 3.5 issue
> > >
> > > Hello Alon and everybody,
> > >
> > > Check in my ovirt-engine machine for ovirt-engine-aaa-ldap package and it
> > > is not available:
> > >
> > > yum list "ovirt-engine*"
> > > Loaded plugins: fastestmirror, refresh-packagekit, security, versionlock
> > > Loading mirror speeds from cached hostfile
> > > * base: ftp.udl.es
> > > * epel: mirror.uv.es
> > > * extras: ftp.udl.es
> > > * ovirt-3.5: ftp.nluug.nl
> > > * ovirt-3.5-epel: mirror.uv.es
> > > * ovirt-3.5-jpackage-6.0-generic: mirror.ibcp.fr
> > > * ovirt-epel: mirror.uv.es
> > > * ovirt-jpackage-6.0-generic: mirror.ibcp.fr
> > > * updates: ftp.udl.es
> > > Installed Packages
> > > ovirt-engine.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-backend.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-cli.noarch
> > > 3.3.0.6-1.el6 @ovirt-3.3.3
> > > ovirt-engine-dbscripts.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-extensions-api-impl.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-jboss-as.x86_64
> > > 7.1.1-1.el6 @ovirt-3.5
> > > ovirt-engine-lib.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-restapi.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-sdk-python.noarch
> > > 3.5.0.8-1.el6 @ovirt-3.5
> > > ovirt-engine-setup.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-setup-base.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-setup-plugin-ovirt-engine.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-setup-plugin-ovirt-engine-common.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-setup-plugin-websocket-proxy.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-tools.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-userportal.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-webadmin-portal.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > ovirt-engine-websocket-proxy.noarch
> > > 3.5.0.1-1.el6 @ovirt-3.5
> > > Available Packages
> > > ovirt-engine-cli.noarch
> > > 3.5.0.5-1.el6 ovirt-3.5
> > > ovirt-engine-dwh.noarch
> > > 3.5.0-1.el6 ovirt-3.5
> > > ovirt-engine-dwh-setup.noarch
> > > 3.5.0-1.el6 ovirt-3.5
> > > ovirt-engine-extensions-api-impl-javadoc.noarch
> > > 3.5.0.1-1.el6 ovirt-3.5
> > > ovirt-engine-reports.noarch
> > > 3.5.1-0.1.el6 ovirt-3.5
> > > ovirt-engine-reports-setup.noarch
> > > 3.5.1-0.1.el6 ovirt-3.5
> > > ovirt-engine-sdk-java.noarch
> > > 3.5.0.5-1.el6 ovirt-3.5
> > > ovirt-engine-sdk-java-javadoc.noarch
> > > 3.5.0.5-1.el6 ovirt-3.5
> > > ovirt-engine-setup-plugin-allinone.noarch
> > >
> > > How can I get this package?
> >
> >
> > Thanks for trying!
> >
> > Package is available at ovirt-3.5-snapshot[1].
> >
> > [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/
> >
>
More information about the Users
mailing list