[ovirt-users] AAA

Koen Vanoppen vanoppen.koen at gmail.com
Thu Jan 29 10:41:40 UTC 2015 

Can somebody help me setting up AAA for ovirt 3.5.1?

I'm getting this now:

2015-01-29 11:35:36,889 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
1-1) [ovirt-engine-extension-aaa-ldap.authz::BRU_AIR-authz] Cannot
initialize LDAP framework, deferring initialization. Error: An error
occurred while attempting to query DNS in order to retrieve SRV records
with name '_gc._tcp.brussels.airport':  javax.naming.NameNotFoundException:
DNS name not found [response code 3]; remaining name
'_gc._tcp.brussels.airport'

my 3 configs:
*BRU_AIR-authn.properties*
ovirt.engine.extension.name = BRU_AIR-authn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name = BRU-AIR
ovirt.engine.aaa.authn.authz.plugin = BRU_AIR-authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.properties

*BRU_AIR-authz.properties*
ovirt.engine.extension.name = BRU_AIR-authz
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 = /etc/ovirt-engine/aaa/BRU_AIR.properties

*BRU_AIR.properties*
include = <ad.properties>

#
# Active directory domain name.
#
vars.domain = mydomain.com

#
# Search user and its password.
#
vars.user = admin@${global:vars.domain}
vars.password = ***********

#
# Optional DNS servers, if enterprise
# DNS server cannot resolve the domain srvrecord.
#
vars.dns = dns://dc01.mydomain.com

pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password

In the GUI for adding user I get this:

An error occurred while attempting to query DNS in order to retrieve SRV
records with name '_gc__tcp_brussels_airport':
javax_naming_NameNotFoundException: DNS name not found [response code 3];
remaining name '_gc__tcp_brussels_airport'

Any ideas? I ran out...

Kind regards,

Koen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20150129/272f7b58/attachment-0001.html>

More information about the Users mailing list