[ovirt-users] Can not configure with simple LDAP.
Fumihide Tani
RXC05271 at nifty.com
Mon Oct 6 15:47:15 UTC 2014
Alon,
Sorry, I forgetted to start my DNS server.
After that everything goes well.
I can add LDAP account and login to the Web Portal by LDAP account successfully!
(2014/10/07 0:33), Alon Bar-Lev wrote:
> 2014-10-07 00:27:59,829 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (MSC service thread 1-14) Exception during sequence: LDAPException(resultCode=91 (connect error), errorMessage='An error occurred while attempting to connect to server ldap.rxc05271.com:389: java.io.IOException: An error occurred while attempting to establish a connection to server ldap.rxc05271.com/111.64.166.75:389: java.net.ConnectException: Connection refused')
>
>
> ----- Original Message -----
>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>> Cc: users at ovirt.org
>> Sent: Monday, October 6, 2014 6:31:17 PM
>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
>>
>> engine.log attached.
>>
>> Regards
>>
>> (2014/10/06 23:57), Alon Bar-Lev wrote:
>>> ----- Original Message -----
>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>> Cc: users at ovirt.org
>>>> Sent: Monday, October 6, 2014 3:40:05 PM
>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
>>>>
>>>> Alon,
>>>>
>>>> Thanks, the ovirt-engine-extension-aaa-ldap was updated successfully.
>>>> and then I restarted my ovirt-engine.
>>>>
>>>> I tried the following:
>>>>
>>>> 1) Login to the User Portal using LDAP account "tani".
>>>> Failed. (it was able to login before doing update.)
>>>>
>>>> 2) Then deleting the LDAP account "tani" from admin portal.
>>>>
>>>> 3) Tried to add new account "tani" again.
>>>> I selected "rxc05271.com (authz-company)" instead of "internal (internal)"
>>>> but "Go" bottun is hidden.
>>>>
>>>> What should I do next?
>>> it probably means that the engine cannot interact with the ldap.
>>> can you see any error message during engine startup that related?
>>> can you stop engine remove engine.log start engine and send me the
>>> engine.log?
>>>
>>>> Regards,
>>>> Fumihide Tani
>>>>
>>>> (2014/10/06 20:39), Alon Bar-Lev wrote:
>>>>> ----- Original Message -----
>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>>>> Cc: users at ovirt.org
>>>>>> Sent: Monday, October 6, 2014 2:36:38 PM
>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
>>>>>>
>>>>>> Hi, Alon
>>>>>>
>>>>>> I can not update the ovirt-engine-extension-aaa-ldap.noarch
>>>>>> 0.0.0-0.0.master.20140923213100.git10a282b.el6. to the one you
>>>>>> specified.
>>>>>> Is it still not exist in ovirt-3.5-pre repo?
>>>>> right, they are at snapshots.
>>>>> you can take the extension rpm and only update it.
>>>>>
>>>>> yum localupdate
>>>>> http://resources.ovirt.org/pub/ovirt-3.5-snapshot/rpm/el6/noarch/ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d.el6.noarch.rpm
>>>>>
>>>>>> Regards,
>>>>>> Fumihide Tani
>>>>>>
>>>>>> (2014/10/06 17:07), Alon Bar-Lev wrote:
>>>>>>> Hello Fumihide,
>>>>>>>
>>>>>>> I pushed a significant change into ldap package, in some cases it will
>>>>>>> provide better response times.
>>>>>>> The change is within group resolution.
>>>>>>> I wounder if you can test it, should be at least
>>>>>>> ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d.
>>>>>>>
>>>>>>> Regards,
>>>>>>> Alon Bar-Lev.
>>>>>>>
>>>>>>> ----- Original Message -----
>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>>>>>> Cc: users at ovirt.org
>>>>>>>> Sent: Thursday, September 25, 2014 4:41:09 PM
>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
>>>>>>>>
>>>>>>>> Hi, Alon,
>>>>>>>>
>>>>>>>> Without waiting until the weekend,
>>>>>>>> I have finished the flesh install of the oVirt 3.5 RC3 today.
>>>>>>>> As a result, with same AAA settings,
>>>>>>>> My OpenLDAP's users became possible to login to the Web User Portal
>>>>>>>> now.
>>>>>>>> Yes, RC3 is good for integrating with newest OpenLDAP 2.4.23, RC2 is
>>>>>>>> not.
>>>>>>>>
>>>>>>>> Very much thanks,
>>>>>>>> Fumihide Tani
>>>>>>>>
>>>>>>>> (2014/09/25 7:27), Alon Bar-Lev wrote:
>>>>>>>>> This is severe, the upgrade is not working properly you have issues
>>>>>>>>> with
>>>>>>>>> accessing database.
>>>>>>>>> If database is not important I suggest a fresh install, run
>>>>>>>>> engine-cleanup
>>>>>>>>> then engine-setup.
>>>>>>>>> If database is important please forward this to devel mailing list
>>>>>>>>> for
>>>>>>>>> someone to help, regardless of LDAP.
>>>>>>>>> Regards,
>>>>>>>>> Alon
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> 4-09-25 00:36:08,389 ERROR
>>>>>>>>> [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo]
>>>>>>>>> (DefaultQuartzScheduler_Worker-7) ArrayIndexOutOfBoundsException: 1:
>>>>>>>>> java.lang.ArrayIndexOutOfBoundsException: 1
>>>>>>>>> at
>>>>>>>>> org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.getDistanceMap(VdsNumaNodeDAODbFacadeImpl.java:208)
>>>>>>>>> [dal.jar:]
>>>>>>>>> at
>>>>>>>>> org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.access$000(VdsNumaNodeDAODbFacadeImpl.java:20)
>>>>>>>>> [dal.jar:]
>>>>>>>>> at
>>>>>>>>> org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:184)
>>>>>>>>> [dal.jar:]
>>>>>>>>> at
>>>>>>>>> org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:168)
>>>>>>>>> [dal.jar:]
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ----- Original Message -----
>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>>>>>>>> Sent: Wednesday, September 24, 2014 6:40:58 PM
>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
>>>>>>>>>>
>>>>>>>>>> Result of running engine-setup:
>>>>>>>>>> [root at ovirt ~]# yum list installed|grep ovirt-engine
>>>>>>>>>> ovirt-engine.noarch 3.5.0-0.0.master.20140923231936.git42065cc.el6
>>>>>>>>>>
>>>>>>>>>> Yes, engine is updated to newest one.!
>>>>>>>>>>
>>>>>>>>>> But I still continued failing to login.
>>>>>>>>>> engine.log attached.
>>>>>>>>>>
>>>>>>>>>> Very thanks,
>>>>>>>>>>
>>>>>>>>>> (2014/09/24 23:59), Alon Bar-Lev wrote:
>>>>>>>>>>> you probably need to run engine-setup
>>>>>>>>>>>
>>>>>>>>>>> ----- Original Message -----
>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>>>>>>>>>> Sent: Wednesday, September 24, 2014 4:59:22 PM
>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
>>>>>>>>>>>>
>>>>>>>>>>>> Oops!
>>>>>>>>>>>> # yum list installed | grep ovirt-engine
>>>>>>>>>>>> ovirt-engine.noarch 3.5.0-0.0.master.20140821064931.gitb794d66.el6
>>>>>>>>>>>> (snip)
>>>>>>>>>>>> .....
>>>>>>>>>>>>
>>>>>>>>>>>> Many ovirt-3.5-* modules are updated by yum today but engine is
>>>>>>>>>>>> not.
>>>>>>>>>>>> Why not updated to RC3??
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> (2014/09/24 22:42), Alon Bar-Lev wrote:
>>>>>>>>>>>>> Unless I am missing something, you run old engine:
>>>>>>>>>>>>>
>>>>>>>>>>>>> 2014-09-24 22:16:24,136 INFO [org.ovirt.engine.core.bll.Backend]
>>>>>>>>>>>>> (MSC
>>>>>>>>>>>>> service thread 1-12) Running ovirt-engine
>>>>>>>>>>>>> 3.5.0-0.0.master.20140821064931.gitb794d66.el6
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> ----- Original Message -----
>>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>>>>>>>>>>>> Sent: Wednesday, September 24, 2014 4:21:09 PM
>>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Attached engine.log with "FINEST"
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> (2014/09/24 21:32), Alon Bar-Lev wrote:
>>>>>>>>>>>>>>> ----- Original Message -----
>>>>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>>>>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>>>>>>>>>>>>>> Cc: users at ovirt.org
>>>>>>>>>>>>>>>> Sent: Wednesday, September 24, 2014 3:24:23 PM
>>>>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Hi, Alon,
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I have updated the oVirt 3.5 RC2 to the newest RC3 today.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> From my CentOS6.5 based oVirt Engine server and the
>>>>>>>>>>>>>>>> oVirt
>>>>>>>>>>>>>>>> Host
>>>>>>>>>>>>>>>> server,
>>>>>>>>>>>>>>>> # yum clean all
>>>>>>>>>>>>>>>> # yum update
>>>>>>>>>>>>>>>> Then rebooted these servers.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> But my LDAP problem is continued and same result as before.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> When I login to the oVirt User Portal,
>>>>>>>>>>>>>>>> User Name: tani
>>>>>>>>>>>>>>>> Password: (OpenLDAP's userPassword)
>>>>>>>>>>>>>>>> Domain: rxc05271.com
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> UI displays "General command validation failure."
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Please advice.
>>>>>>>>>>>>>>> Hopefully I can if you provide log... :)
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Thanks,
>>>>>>>>>>>>>>>> Fumihide Tani
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> (2014/09/22 22:20), Alon Bar-Lev wrote:
>>>>>>>>>>>>>>>>> The version of engine you are using is probably out of date
>>>>>>>>>>>>>>>>> and
>>>>>>>>>>>>>>>>> unsynced
>>>>>>>>>>>>>>>>> with latest ldap package (20140821064931).
>>>>>>>>>>>>>>>>> Please make sure you take latest from[1]
>>>>>>>>>>>>>>>>> Thanks!
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> ----- Original Message -----
>>>>>>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>>>>>>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>>>>>>>>>>>>>>>> Cc: users at ovirt.org
>>>>>>>>>>>>>>>>>> Sent: Monday, September 22, 2014 3:42:52 PM
>>>>>>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple
>>>>>>>>>>>>>>>>>> LDAP.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Hi, Alon,
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Your requested engine.log attached.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Also, I tried to login to web user portal by "tani"
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> User Name: tani
>>>>>>>>>>>>>>>>>> Password: (OpenLDAP userPassword)
>>>>>>>>>>>>>>>>>> Domain: rxc05271.com
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> cause: "General command validation failure."
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Attated log includes login by "Fumihide" first, "tani"
>>>>>>>>>>>>>>>>>> second.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Very thanks,
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> (2014/09/22 21:24), Alon Bar-Lev wrote:
>>>>>>>>>>>>>>>>>>> ----- Original Message -----
>>>>>>>>>>>>>>>>>>>> From: "Fumihide Tani" <RXC05271 at nifty.com>
>>>>>>>>>>>>>>>>>>>> To: "Alon Bar-Lev" <alonbl at redhat.com>
>>>>>>>>>>>>>>>>>>>> Cc: users at ovirt.org
>>>>>>>>>>>>>>>>>>>> Sent: Monday, September 22, 2014 3:06:39 PM
>>>>>>>>>>>>>>>>>>>> Subject: Re: [ovirt-users] Can not configure with simple
>>>>>>>>>>>>>>>>>>>> LDAP.
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> Sorry, I misunderstood.
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> This is outputs after LDAP user logged in.
>>>>>>>>>>>>>>>>>>> Please attach log as files, not inline, easier to handle.
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> 2014-09-22 21:01:32,638 DEBUG
>>>>>>>>>>>>>>>>>>> [org.ovirt.engineextensions.aaa.ldap.Framework]
>>>>>>>>>>>>>>>>>>> (ajp--127.0.0.1-8702-4)
>>>>>>>>>>>>>>>>>>> SearchRequest: SearchRequest(baseDN='dc=rxc05271,dc=com',
>>>>>>>>>>>>>>>>>>> scope=SUB,
>>>>>>>>>>>>>>>>>>> deref=NEVER, sizeLimit=0, timeLimit=0,
>>>>>>>>>>>>>>>>>>> filter='&(objectClass=uidObject)(uid=*)(uid=Fumihide)',
>>>>>>>>>>>>>>>>>>> attrs={entryUUID,
>>>>>>>>>>>>>>>>>>> uid, displayName, memberOf, department, givenName, sn,
>>>>>>>>>>>>>>>>>>> title,
>>>>>>>>>>>>>>>>>>> mail},
>>>>>>>>>>>>>>>>>>> controls={SimplePagedResultsControl(pageSize=100,
>>>>>>>>>>>>>>>>>>> isCritical=false)})
>>>>>>>>>>>>>>>>>>> 2014-09-22 21:01:32,640 DEBUG
>>>>>>>>>>>>>>>>>>> [org.ovirt.engineextensions.aaa.ldap.Framework]
>>>>>>>>>>>>>>>>>>> (ajp--127.0.0.1-8702-4)
>>>>>>>>>>>>>>>>>>> SearchResult: SearchResult(resultCode=0 (success),
>>>>>>>>>>>>>>>>>>> messageID=3,
>>>>>>>>>>>>>>>>>>> entriesReturned=0, referencesReturned=0,
>>>>>>>>>>>>>>>>>>> responseControls={SimplePagedResultsControl(pageSize=0,
>>>>>>>>>>>>>>>>>>> isCritical=false)})
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> >From the above I see that a search was issued:
>>>>>>>>>>>>>>>>>>>> &(objectClass=uidObject)(uid=*)(uid=Fumihide)
>>>>>>>>>>>>>>>>>>> And no result returned.
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> Per previous output:
>>>>>>>>>>>>>>>>>>> ---
>>>>>>>>>>>>>>>>>>> # tani, Users, rxc05271.com
>>>>>>>>>>>>>>>>>>> dn: uid=tani,ou=Users,dc=rxc05271,dc=com
>>>>>>>>>>>>>>>>>>> objectClass: inetOrgPerson
>>>>>>>>>>>>>>>>>>> objectClass: uidObject
>>>>>>>>>>>>>>>>>>> uid: tani
>>>>>>>>>>>>>>>>>>> cn: Fumihide Tani
>>>>>>>>>>>>>>>>>>> givenName: Fumihide
>>>>>>>>>>>>>>>>>>> mail: tani at rxc05271.com
>>>>>>>>>>>>>>>>>>> sn: Tani
>>>>>>>>>>>>>>>>>>> userPassword:: a3VtaXRhbg==
>>>>>>>>>>>>>>>>>>> ---
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> Your user name is tani and not Fumihide.
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> Alon
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>
>>>>
>>
>
More information about the Users
mailing list