[ovirt-users] Can not configure with simple LDAP.

Alon Bar-Lev alonbl at redhat.com
Mon Oct 6 15:33:24 UTC 2014 

2014-10-07 00:27:59,829 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (MSC service thread 1-14) Exception during sequence: LDAPException(resultCode=91 (connect error), errorMessage='An error occurred while attempting to connect to server ldap.rxc05271.com:389:  java.io.IOException: An error occurred while attempting to establish a connection to server ldap.rxc05271.com/111.64.166.75:389:  java.net.ConnectException: Connection refused')


----- Original Message -----
> From: "Fumihide Tani" <RXC05271 at nifty.com>
> To: "Alon Bar-Lev" <alonbl at redhat.com>
> Cc: users at ovirt.org
> Sent: Monday, October 6, 2014 6:31:17 PM
> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> 
> engine.log attached.
> 
> Regards
> 
> (2014/10/06 23:57), Alon Bar-Lev wrote:
> >
> > ----- Original Message -----
> >> From: "Fumihide Tani" <RXC05271 at nifty.com>
> >> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >> Cc: users at ovirt.org
> >> Sent: Monday, October 6, 2014 3:40:05 PM
> >> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> >>
> >> Alon,
> >>
> >> Thanks, the ovirt-engine-extension-aaa-ldap was updated successfully.
> >> and then I restarted my ovirt-engine.
> >>
> >> I tried the following:
> >>
> >> 1) Login to the User Portal using LDAP account "tani".
> >> Failed. (it was able to login before doing update.)
> >>
> >> 2) Then deleting the LDAP account "tani" from admin portal.
> >>
> >> 3) Tried to add new account "tani" again.
> >> I selected "rxc05271.com (authz-company)" instead of "internal (internal)"
> >> but "Go" bottun is hidden.
> >>
> >> What should I do next?
> > it probably means that the engine cannot interact with the ldap.
> > can you see any error message during engine startup that related?
> > can you stop engine remove engine.log start engine and send me the
> > engine.log?
> >
> >> Regards,
> >> Fumihide Tani
> >>
> >> (2014/10/06 20:39), Alon Bar-Lev wrote:
> >>> ----- Original Message -----
> >>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
> >>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >>>> Cc: users at ovirt.org
> >>>> Sent: Monday, October 6, 2014 2:36:38 PM
> >>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> >>>>
> >>>> Hi, Alon
> >>>>
> >>>> I can not update the ovirt-engine-extension-aaa-ldap.noarch
> >>>> 0.0.0-0.0.master.20140923213100.git10a282b.el6. to the one you
> >>>> specified.
> >>>> Is it still not exist in ovirt-3.5-pre repo?
> >>> right, they are at snapshots.
> >>> you can take the extension rpm and only update it.
> >>>
> >>> yum localupdate
> >>> http://resources.ovirt.org/pub/ovirt-3.5-snapshot/rpm/el6/noarch/ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d.el6.noarch.rpm
> >>>
> >>>> Regards,
> >>>> Fumihide Tani
> >>>>
> >>>> (2014/10/06 17:07), Alon Bar-Lev wrote:
> >>>>> Hello Fumihide,
> >>>>>
> >>>>> I pushed a significant change into ldap package, in some cases it will
> >>>>> provide better response times.
> >>>>> The change is within group resolution.
> >>>>> I wounder if you can test it, should be at least
> >>>>> ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d.
> >>>>>
> >>>>> Regards,
> >>>>> Alon Bar-Lev.
> >>>>>
> >>>>> ----- Original Message -----
> >>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
> >>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >>>>>> Cc: users at ovirt.org
> >>>>>> Sent: Thursday, September 25, 2014 4:41:09 PM
> >>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> >>>>>>
> >>>>>> Hi, Alon,
> >>>>>>
> >>>>>> Without waiting until the weekend,
> >>>>>> I have finished the flesh install of the oVirt 3.5 RC3 today.
> >>>>>> As a result, with same AAA settings,
> >>>>>> My OpenLDAP's users became possible to login to the Web User Portal
> >>>>>> now.
> >>>>>> Yes, RC3 is good for integrating with newest OpenLDAP 2.4.23, RC2 is
> >>>>>> not.
> >>>>>>
> >>>>>> Very much thanks,
> >>>>>> Fumihide Tani
> >>>>>>
> >>>>>> (2014/09/25 7:27), Alon Bar-Lev wrote:
> >>>>>>> This is severe, the upgrade is not working properly you have issues
> >>>>>>> with
> >>>>>>> accessing database.
> >>>>>>> If database is not important I suggest a fresh install, run
> >>>>>>> engine-cleanup
> >>>>>>> then engine-setup.
> >>>>>>> If database is important please forward this to devel mailing list
> >>>>>>> for
> >>>>>>> someone to help, regardless of LDAP.
> >>>>>>> Regards,
> >>>>>>> Alon
> >>>>>>>
> >>>>>>>
> >>>>>>> 4-09-25 00:36:08,389 ERROR
> >>>>>>> [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
> >>>>>>> (DefaultQuartzScheduler_Worker-7) ArrayIndexOutOfBoundsException: 1:
> >>>>>>> java.lang.ArrayIndexOutOfBoundsException: 1
> >>>>>>> 	at
> >>>>>>> 	org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.getDistanceMap(VdsNumaNodeDAODbFacadeImpl.java:208)
> >>>>>>> 	[dal.jar:]
> >>>>>>> 	at
> >>>>>>> 	org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.access$000(VdsNumaNodeDAODbFacadeImpl.java:20)
> >>>>>>> 	[dal.jar:]
> >>>>>>> 	at
> >>>>>>> 	org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:184)
> >>>>>>> 	[dal.jar:]
> >>>>>>> 	at
> >>>>>>> 	org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:168)
> >>>>>>> 	[dal.jar:]
> >>>>>>>
> >>>>>>>
> >>>>>>> ----- Original Message -----
> >>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
> >>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >>>>>>>> Sent: Wednesday, September 24, 2014 6:40:58 PM
> >>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> >>>>>>>>
> >>>>>>>> Result of running engine-setup:
> >>>>>>>> [root at ovirt ~]# yum list installed|grep ovirt-engine
> >>>>>>>> ovirt-engine.noarch 3.5.0-0.0.master.20140923231936.git42065cc.el6
> >>>>>>>>
> >>>>>>>> Yes, engine is updated to newest one.!
> >>>>>>>>
> >>>>>>>> But I still continued failing to login.
> >>>>>>>> engine.log attached.
> >>>>>>>>
> >>>>>>>> Very thanks,
> >>>>>>>>
> >>>>>>>> (2014/09/24 23:59), Alon Bar-Lev wrote:
> >>>>>>>>> you probably need to run engine-setup
> >>>>>>>>>
> >>>>>>>>> ----- Original Message -----
> >>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
> >>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >>>>>>>>>> Sent: Wednesday, September 24, 2014 4:59:22 PM
> >>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> >>>>>>>>>>
> >>>>>>>>>> Oops!
> >>>>>>>>>> # yum list installed | grep ovirt-engine
> >>>>>>>>>> ovirt-engine.noarch 3.5.0-0.0.master.20140821064931.gitb794d66.el6
> >>>>>>>>>> (snip)
> >>>>>>>>>> .....
> >>>>>>>>>>
> >>>>>>>>>> Many ovirt-3.5-* modules are updated by yum today but engine is
> >>>>>>>>>> not.
> >>>>>>>>>> Why not updated to RC3??
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> (2014/09/24 22:42), Alon Bar-Lev wrote:
> >>>>>>>>>>> Unless I am missing something, you run old engine:
> >>>>>>>>>>>
> >>>>>>>>>>> 2014-09-24 22:16:24,136 INFO  [org.ovirt.engine.core.bll.Backend]
> >>>>>>>>>>> (MSC
> >>>>>>>>>>> service thread 1-12) Running ovirt-engine
> >>>>>>>>>>> 3.5.0-0.0.master.20140821064931.gitb794d66.el6
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>>
> >>>>>>>>>>> ----- Original Message -----
> >>>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
> >>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >>>>>>>>>>>> Sent: Wednesday, September 24, 2014 4:21:09 PM
> >>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> >>>>>>>>>>>>
> >>>>>>>>>>>> Attached engine.log with "FINEST"
> >>>>>>>>>>>>
> >>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>
> >>>>>>>>>>>> (2014/09/24 21:32), Alon Bar-Lev wrote:
> >>>>>>>>>>>>> ----- Original Message -----
> >>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
> >>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >>>>>>>>>>>>>> Cc: users at ovirt.org
> >>>>>>>>>>>>>> Sent: Wednesday, September 24, 2014 3:24:23 PM
> >>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> Hi, Alon,
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> I have updated the oVirt 3.5 RC2 to the newest RC3 today.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>>         From my CentOS6.5 based oVirt Engine server and the
> >>>>>>>>>>>>>>         oVirt
> >>>>>>>>>>>>>>         Host
> >>>>>>>>>>>>>>         server,
> >>>>>>>>>>>>>> # yum clean all
> >>>>>>>>>>>>>> # yum update
> >>>>>>>>>>>>>> Then rebooted these servers.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> But my LDAP problem is continued and same result as before.
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> When I login to the oVirt User Portal,
> >>>>>>>>>>>>>> User Name: tani
> >>>>>>>>>>>>>> Password: (OpenLDAP's userPassword)
> >>>>>>>>>>>>>> Domain: rxc05271.com
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> UI displays "General command validation failure."
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> Please advice.
> >>>>>>>>>>>>> Hopefully I can if you provide log... :)
> >>>>>>>>>>>>>
> >>>>>>>>>>>>>> Thanks,
> >>>>>>>>>>>>>> Fumihide Tani
> >>>>>>>>>>>>>>
> >>>>>>>>>>>>>> (2014/09/22 22:20), Alon Bar-Lev wrote:
> >>>>>>>>>>>>>>> The version of engine you are using is probably out of date
> >>>>>>>>>>>>>>> and
> >>>>>>>>>>>>>>> unsynced
> >>>>>>>>>>>>>>> with latest ldap package (20140821064931).
> >>>>>>>>>>>>>>> Please make sure you take latest from[1]
> >>>>>>>>>>>>>>> Thanks!
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/
> >>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>> ----- Original Message -----
> >>>>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
> >>>>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >>>>>>>>>>>>>>>> Cc: users at ovirt.org
> >>>>>>>>>>>>>>>> Sent: Monday, September 22, 2014 3:42:52 PM
> >>>>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple
> >>>>>>>>>>>>>>>> LDAP.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Hi, Alon,
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Your requested engine.log attached.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Also, I tried to login to web user portal by "tani"
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> User Name: tani
> >>>>>>>>>>>>>>>> Password:    (OpenLDAP userPassword)
> >>>>>>>>>>>>>>>> Domain: rxc05271.com
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> cause: "General command validation failure."
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Attated log includes login by "Fumihide" first, "tani"
> >>>>>>>>>>>>>>>> second.
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> Very thanks,
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>> (2014/09/22 21:24), Alon Bar-Lev wrote:
> >>>>>>>>>>>>>>>>> ----- Original Message -----
> >>>>>>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
> >>>>>>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
> >>>>>>>>>>>>>>>>>> Cc: users at ovirt.org
> >>>>>>>>>>>>>>>>>> Sent: Monday, September 22, 2014 3:06:39 PM
> >>>>>>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple
> >>>>>>>>>>>>>>>>>> LDAP.
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> Sorry, I misunderstood.
> >>>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>> This is outputs after LDAP user logged in.
> >>>>>>>>>>>>>>>>> Please attach log as files, not inline, easier to handle.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> 2014-09-22 21:01:32,638 DEBUG
> >>>>>>>>>>>>>>>>> [org.ovirt.engineextensions.aaa.ldap.Framework]
> >>>>>>>>>>>>>>>>> (ajp--127.0.0.1-8702-4)
> >>>>>>>>>>>>>>>>> SearchRequest: SearchRequest(baseDN='dc=rxc05271,dc=com',
> >>>>>>>>>>>>>>>>> scope=SUB,
> >>>>>>>>>>>>>>>>> deref=NEVER, sizeLimit=0, timeLimit=0,
> >>>>>>>>>>>>>>>>> filter='&(objectClass=uidObject)(uid=*)(uid=Fumihide)',
> >>>>>>>>>>>>>>>>> attrs={entryUUID,
> >>>>>>>>>>>>>>>>> uid, displayName, memberOf, department, givenName, sn,
> >>>>>>>>>>>>>>>>> title,
> >>>>>>>>>>>>>>>>> mail},
> >>>>>>>>>>>>>>>>> controls={SimplePagedResultsControl(pageSize=100,
> >>>>>>>>>>>>>>>>> isCritical=false)})
> >>>>>>>>>>>>>>>>> 2014-09-22 21:01:32,640 DEBUG
> >>>>>>>>>>>>>>>>> [org.ovirt.engineextensions.aaa.ldap.Framework]
> >>>>>>>>>>>>>>>>> (ajp--127.0.0.1-8702-4)
> >>>>>>>>>>>>>>>>> SearchResult: SearchResult(resultCode=0 (success),
> >>>>>>>>>>>>>>>>> messageID=3,
> >>>>>>>>>>>>>>>>> entriesReturned=0, referencesReturned=0,
> >>>>>>>>>>>>>>>>> responseControls={SimplePagedResultsControl(pageSize=0,
> >>>>>>>>>>>>>>>>> isCritical=false)})
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> >From the above I see that a search was issued:
> >>>>>>>>>>>>>>>>>> &(objectClass=uidObject)(uid=*)(uid=Fumihide)
> >>>>>>>>>>>>>>>>> And no result returned.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Per previous output:
> >>>>>>>>>>>>>>>>> ---
> >>>>>>>>>>>>>>>>> # tani, Users, rxc05271.com
> >>>>>>>>>>>>>>>>> dn: uid=tani,ou=Users,dc=rxc05271,dc=com
> >>>>>>>>>>>>>>>>> objectClass: inetOrgPerson
> >>>>>>>>>>>>>>>>> objectClass: uidObject
> >>>>>>>>>>>>>>>>> uid: tani
> >>>>>>>>>>>>>>>>> cn: Fumihide Tani
> >>>>>>>>>>>>>>>>> givenName: Fumihide
> >>>>>>>>>>>>>>>>> mail: tani at rxc05271.com
> >>>>>>>>>>>>>>>>> sn: Tani
> >>>>>>>>>>>>>>>>> userPassword:: a3VtaXRhbg==
> >>>>>>>>>>>>>>>>> ---
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Your user name is tani and not Fumihide.
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>> Alon
> >>>>>>>>>>>>>>>>>
> >>>>>>>>>>>>>>>>>
> >>>>
> >>
> >>
> >
> 
>

More information about the Users mailing list