[ovirt-users] Errors while trying to join an external LDPA provider

Alexis HAUSER alexis.hauser at telecom-bretagne.eu
Thu Apr 28 12:59:52 UTC 2016 

Hi, 


I'm using 3.6.3.4-1.el7.centos and I'm having troubles joining an LDAP provider.

When I try to login into the new profile, I get a "general command validation failure" error.

This is what I can get from ovirt-engine/engine.log :


tail -n 400 /var/log/ovirt-engine/engine.log | grep -i error
2016-04-28 09:27:08,355 WARN  [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (default task-56) [] [ovirt-engine-extension-aaa-ldap.authn::public-authn] Cannot initialize LDAP framework, deferring initialization. Error: /etc/ovirt-engine/aaa/xxxx.jks  (No such file or directory)
2016-04-28 09:27:08,356 ERROR [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (default task-56) [] Error during CanDoActionFailure.: Class: class org.ovirt.engine.core.extensions.mgr.ExtensionInvokeCommandFailedException
2016-04-28 09:27:13,941 WARN  [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (default task-58) [] [ovirt-engine-extension-aaa-ldap.authn::public-authn] Cannot initialize LDAP framework, deferring initialization. Error: /etc/ovirt-engine/aaa/xxxx.jks  (No such file or directory)
2016-04-28 09:27:13,941 ERROR [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (default task-58) [] Error during CanDoActionFailure.: Class: class org.ovirt.engine.core.extensions.mgr.ExtensionInvokeCommandFailedException


I checked the permissions of the file and it's path and they are allright. Changing the path to /tmp/xxx.jks didn't help too.

Here is my .profile :


include = <openldap.properties>
vars.server = xxxx
vars.user = cn=xxxx,ou=xxxx,o=xxxx,dc=xxxx,dc=xxxx
vars.password = xxxx
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
pool.default.serverset.type = single
pool.default.serverset.single.server = ${global:vars.server}
pool.default.ssl.enable = true
pool.default.serverset.single.port = 636
pool.default.ssl.truststore.file = /tmp/xxxx.jks 
pool.default.ssl.truststore.password = xxxx


Any idea how to deal with that problem ?

More information about the Users mailing list