[ovirt-users] oVirt 3.4 + Ipa Server
Marcelo Donato
donato at din.uem.br
Thu Oct 9 17:25:34 UTC 2014
Hello,
I've problems for utilization IPA Server with oVirt.
Below is the error log and corresponding access, commands and log entries.
Thanks for helping me.
********************************************************************* Ipa
Server - 10.30.0.25
LSB Version:
:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch
Distributor ID: CentOS
Description: CentOS release 6.5 (Final)
Release: 6.5
Codename: Final
# rpm -qa | grep ipa
ipa-server-3.0.0-37.el6.x86_64
ipa-pki-ca-theme-9.0.3-7.el6.noarch
ipa-python-3.0.0-37.el6.x86_64
ipa-pki-common-theme-9.0.3-7.el6.noarch
ipa-admintools-3.0.0-37.el6.x86_64
ipa-server-selinux-3.0.0-37.el6.x86_64
ipa-client-3.0.0-37.el6.x86_64
# dig _kerberos._tcp.din.uem.br
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> _kerberos._
tcp.din.uem.br
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34293
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;_kerberos._tcp.din.uem.br. IN A
;; AUTHORITY SECTION:
din.uem.br. 3600 IN SOA ns1.din.uem.br. root.din.uem.br. 2014100841 1800
900 60480 3600
;; Query time: 1 msec
;; SERVER: 186.233.152.33#53(186.233.152.33)
;; WHEN: Thu Oct 9 14:19:05 2014
;; MSG SIZE rcvd: 88
# dig _ldap._tcp.din.uem.br
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> _ldap._tcp.din.uem.br
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21167
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;_ldap._tcp.din.uem.br. IN A
;; AUTHORITY SECTION:
din.uem.br. 3600 IN SOA ns1.din.uem.br. root.din.uem.br. 2014100841 1800
900 60480 3600
;; Query time: 1 msec
;; SERVER: 186.233.152.33#53(186.233.152.33)
;; WHEN: Thu Oct 9 14:20:16 2014
;; MSG SIZE rcvd: 84
/var/log/dirsrv/slapd-DIN-UEM-BR/access
-------------------------------------------------------------------------------------------------------------------------
conn=3 op=210 SRCH base="dc=din,dc=uem,dc=br" scope=2
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal))(krbPrincipalName=
admin at DIN.UEM.BR))" attrs="krbPrincipalName krbCanonicalName
ipaKrbPrincipalAlias krbUPEnabled k
conn=3 op=210 RESULT err=0 tag=101 nentries=1 etime=0
conn=3 op=211 SRCH base="cn=DIN.UEM.BR,cn=kerberos,dc=din,dc=uem,dc=br"
scope=0 filter="(objectClass=krbticketpolicyaux)" attrs="krbMaxTicketLife
krbMaxRenewableAge krbTicketFlags"
conn=3 op=211 RESULT err=0 tag=101 nentries=1 etime=0
conn=3 op=212 SRCH base="dc=din,dc=uem,dc=br" scope=2
filter="(&(|(objectClass=krbprincipalaux)(objectClass=krbprincipal)(objectClass=ipakrbprincipal))(|(ipaKrbPrincipalAlias=krbtgt/
DIN.UEM.BR at DIN.UEM.BR)(krbPrincipalName=krbtgt/DIN.UEM
conn=3 op=212 RESULT err=0 tag=101 nentries=1 etime=0
conn=3 op=213 SRCH
base="cn=global_policy,cn=DIN.UEM.BR,cn=kerberos,dc=din,dc=uem,dc=br"
scope=0 filter="(objectClass=*)" attrs="krbMaxPwdLife krbMinPwdLife
krbPwdMinDiffChars krbPwdMinLength krbPwdHistoryLength krbPwdMaxFailure
krbPwdF
conn=3 op=213 RESULT err=0 tag=101 nentries=1 etime=0
conn=50 fd=66 slot=66 connection from 10.30.0.23 to 10.30.0.25
conn=50 op=-1 fd=66 closed error 34 (Numerical result out of range) - B2
/var/log/ovirt-engine/engine-manage-domains.log
-------------------------------------------------------------------------------------------------------------------------
2014-10-09 11:23:05,901 INFO [org.ovirt.engine.core.utils.LocalConfig]
Loaded file
"/usr/share/ovirt-engine/services/ovirt-engine/ovirt-engine.conf".
2014-10-09 11:23:05,903 INFO [org.ovirt.engine.core.utils.LocalConfig] The
file "/etc/ovirt-engine/engine.conf" doesn't exist or isn't readable. Will
return an empty set of properties.
2014-10-09 11:23:05,904 INFO [org.ovirt.engine.core.utils.LocalConfig]
Loaded file "/etc/ovirt-engine/engine.conf.d/10-setup-database.conf".
2014-10-09 11:23:05,905 INFO [org.ovirt.engine.core.utils.LocalConfig]
Loaded file "/etc/ovirt-engine/engine.conf.d/10-setup-jboss.conf".
2014-10-09 11:23:05,906 INFO [org.ovirt.engine.core.utils.LocalConfig]
Loaded file "/etc/ovirt-engine/engine.conf.d/10-setup-pki.conf".
2014-10-09 11:23:05,907 INFO [org.ovirt.engine.core.utils.LocalConfig]
Loaded file "/etc/ovirt-engine/engine.conf.d/10-setup-protocols.conf".
2014-10-09 11:23:05,908 INFO [org.ovirt.engine.core.utils.LocalConfig]
Loaded file "/etc/ovirt-engine/engine.conf.d/20-ovirt-engine-reports.conf".
2014-10-09 11:23:05,909 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_AJP_ENABLED" is "true".
2014-10-09 11:23:05,909 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_AJP_PORT" is "8702".
2014-10-09 11:23:05,909 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_APPS" is "engine.ear
"/var/lib/ovirt-engine-reports/ovirt-engine-reports.war"".
2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_CACHE" is "/var/cache/ovirt-engine".
2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_CHECK_INTERVAL" is "1000".
2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_CONNECTION_TIMEOUT" is "300000".
2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_DATABASE" is "engine".
2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_DRIVER" is "org.postgresql.Driver".
2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_HOST" is "localhost".
2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_MAX_CONNECTIONS" is "100".
2014-10-09 11:23:05,910 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_MIN_CONNECTIONS" is "1".
2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_PASSWORD" is "***".
2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_PORT" is "5432".
2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_SECURED" is "False".
2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_SECURED_VALIDATION" is "False".
2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_URL" is
"jdbc:postgresql://localhost:5432/engine?sslfactory=org.postgresql.ssl.NonValidatingFactory".
2014-10-09 11:23:05,911 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DB_USER" is "engine".
2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DEBUG_ADDRESS" is "".
2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_DOC" is "/usr/share/doc/ovirt-engine".
2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_ETC" is "/etc/ovirt-engine".
2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_FQDN" is "ovirtm.din.uem.br".
2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_GROUP" is "ovirt".
2014-10-09 11:23:05,912 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_HEAP_MAX" is "1g".
2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_HEAP_MIN" is "1g".
2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_HTTPS_ENABLED" is "false".
2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_HTTPS_PORT" is "None".
2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_HTTPS_PROTOCOLS" is "SSLv3,TLSv1,TLSv1.1,TLSv1.2".
2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_HTTP_ENABLED" is "false".
2014-10-09 11:23:05,913 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_HTTP_PORT" is "None".
2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_JAVA_MODULEPATH" is
"/usr/share/ovirt-engine/modules:/var/lib/ovirt-engine-reports/modules".
2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_JVM_ARGS" is " -XX:+HeapDumpOnOutOfMemoryError
-XX:HeapDumpPath="/var/log/ovirt-engine/dump"".
2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_LOG" is "/var/log/ovirt-engine".
2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_LOG_TO_CONSOLE" is "false".
2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_MANUAL" is "/usr/share/ovirt-engine/manual".
2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PERM_MAX" is "256m".
2014-10-09 11:23:05,914 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PERM_MIN" is "256m".
2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PKI" is "/etc/pki/ovirt-engine".
2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PKI_CA" is "/etc/pki/ovirt-engine/ca.pem".
2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PKI_ENGINE_CERT" is
"/etc/pki/ovirt-engine/certs/engine.cer".
2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PKI_ENGINE_STORE" is
"/etc/pki/ovirt-engine/keys/engine.p12".
2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PKI_ENGINE_STORE_ALIAS" is "1".
2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PKI_ENGINE_STORE_PASSWORD" is "***".
2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PKI_TRUST_STORE" is
"/etc/pki/ovirt-engine/.truststore".
2014-10-09 11:23:05,915 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PKI_TRUST_STORE_PASSWORD" is "***".
2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PROPERTIES" is " jsse.enableSNIExtension=false".
2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PROXY_ENABLED" is "true".
2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PROXY_HTTPS_PORT" is "443".
2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_PROXY_HTTP_PORT" is "80".
2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_REPORTS_UI" is
"/var/lib/ovirt-engine/reports.xml".
2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_STOP_INTERVAL" is "1".
2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_STOP_TIME" is "10".
2014-10-09 11:23:05,916 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_TMP" is "/var/tmp/ovirt-engine".
2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_UP_MARK" is "/var/lib/ovirt-engine/engine.up".
2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_URI" is "/ovirt-engine".
2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_USER" is "ovirt".
2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_USR" is "/usr/share/ovirt-engine".
2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_VAR" is "/var/lib/ovirt-engine".
2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "ENGINE_VERBOSE_GC" is "false".
2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "JBOSS_HOME" is "/usr/share/jboss-as".
2014-10-09 11:23:05,917 INFO [org.ovirt.engine.core.utils.LocalConfig]
Value of property "SENSITIVE_KEYS" is
",ENGINE_DB_PASSWORD,ENGINE_PKI_TRUST_STORE_PASSWORD,ENGINE_PKI_ENGINE_STORE_PASSWORD".
2014-10-09 11:23:39,328 INFO [org.ovirt.engine.core.domains.ManageDomains]
Creating kerberos configuration for domain(s): din.uem.br
2014-10-09 11:23:39,357 INFO [org.ovirt.engine.core.domains.ManageDomains]
Successfully created kerberos configuration for domain(s): din.uem.br
2014-10-09 11:23:39,357 INFO [org.ovirt.engine.core.domains.ManageDomains]
Testing kerberos configuration for domain: din.uem.br
2014-10-09 11:23:39,572 ERROR
[org.ovirt.engine.core.utils.kerberos.KerberosConfigCheck] Error:
exception message: Cannot get a KDC reply
2014-10-09 11:23:39,577 ERROR [org.ovirt.engine.core.domains.ManageDomains]
Failure while testing domain din.uem.br. Details: Kerberos error. Please
check log for further details.
********************************************************************* oVirt
Manager - 10.30.0.23
LSB Version:
:base-4.0-amd64:base-4.0-noarch:core-4.0-amd64:core-4.0-noarch
Distributor ID: CentOS
Description: CentOS release 6.5 (Final)
Release: 6.5
Codename: Final
# rpm -qa | grep -i ovirt
ovirt-engine-dwh-setup-3.4.0-2.el6.noarch
ovirt-engine-dwh-3.4.0-2.el6.noarch
ovirt-hosted-engine-ha-1.1.2-1.el6.noarch
ovirt-engine-setup-plugin-websocket-proxy-3.4.0-1.el6.noarch
ovirt-engine-cli-3.4.0.5-1.el6.noarch
ovirt-engine-restapi-3.4.0-1.el6.noarch
ovirt-engine-dbscripts-3.4.0-1.el6.noarch
ovirt-release-11.2.0-1.noarch
ovirt-engine-sdk-python-3.4.0.7-1.el6.noarch
ovirt-host-deploy-1.2.0-1.el6.noarch
ovirt-engine-reports-setup-3.4.0-2.el6.noarch
ovirt-engine-lib-3.4.0-1.el6.noarch
ovirt-engine-websocket-proxy-3.4.0-1.el6.noarch
ovirt-log-collector-3.4.1-1.el6.noarch
ovirt-engine-setup-plugin-ovirt-engine-common-3.4.0-1.el6.noarch
ovirt-host-deploy-java-1.2.0-1.el6.noarch
ovirt-engine-tools-3.4.0-1.el6.noarch
ovirt-engine-userportal-3.4.0-1.el6.noarch
ovirt-engine-setup-plugin-ovirt-engine-3.4.0-1.el6.noarch
ovirt-engine-backend-3.4.0-1.el6.noarch
ovirt-engine-reports-3.4.0-2.el6.noarch
ovirt-engine-setup-base-3.4.0-1.el6.noarch
ovirt-iso-uploader-3.4.0-1.el6.noarch
ovirt-image-uploader-3.4.0-1.el6.noarch
ovirt-engine-webadmin-portal-3.4.0-1.el6.noarch
ovirt-engine-setup-3.4.0-1.el6.noarch
ovirt-engine-3.4.0-1.el6.noarch
engine-manage-domains add --domain=din.uem.br --provider=ipa --user=admin
Enter password:
Error: exception message: Cannot get a KDC reply
Failure while testing domain din.uem.br. Details: Kerberos error. Please
check log for further details.
At. Donato.
--
Ao encaminhar esta mensagem, por favor:
1. Apague o meu e-mail e o meu nome.
2. Apague também os endereços dos amigos antes de reenviar
3. Use Cco ou Bcc para enviar mensagens!
Dificulte a disseminação de vírus e spam.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20141009/ea1f154c/attachment-0001.html>
More information about the Users
mailing list