[ovirt-users] LDAP-based domain not working after upgrade?
nicolas at devels.es
nicolas at devels.es
Fri Aug 12 15:53:35 UTC 2016
El 2016-08-10 14:46, Nicolás escribió:
> En 10/8/2016 2:29 p. m., Alexander Wels <awels at redhat.com> escribió:
>
>> On Wednesday, August 10, 2016 9:02:16 AM EDT Alexander Wels wrote:
>
>>> On Wednesday, August 10, 2016 9:10:25 AM EDT nicolas at devels.es
>> wrote:
>
>>>> El 2016-08-10 08:58, Ondra Machacek escribió:
>
>>>> > On 08/10/2016 09:37 AM, Nicolás wrote:
>
>>>> >> Hi,
>
>>>> >>
>
>>>> >> We're running oVirt 4.0.1.1 [1], and we're trying to grant a
>> permission to
>
>>>> >> a
>
>>>> >> user on a VM. Thing is when we open the 'Permissions' subtab
>> on that
>
>>>> >> VM,
>
>>>> >> we click on Add, the LDAP backend shows up but any value
>> entered into
>
>>>> >> the search box returns nothing, even when I know the values
>> exist.
>
>>>> >>
>
>>>> >> This has been working on oVirt 3.x, we actually migrated to
>> 4.x last
>
>>>> >> week and didn't notice this issue.
>
>>>> >>
>
>>>> >> Additionally, there's no combobox to choose the permission to
>> grant?
>
>>>> >
>
>>>> > There should be combo box to choose a role.
>
>>>>
>
>>>> I've attached a screenshot, seems there's not.
>
>>>
>
>>> Its highly likely the dropdown is there, but its scrolled below
>> the bottom
>
>>> of the dialog and thus you can't see it. I thought I made sure all
>> the
>
>>> dialogs were working, seems like I missed one. Let me check it out
>> and see
>
>>> what is going on.
>
>>>
>
>>
>
>> Okay I double checked, I went to the VMs main tab, selected a VM,
>> then went to
>
>> the permissions sub tab. Clicked add. The dialog that popped up
>> looks like the
>
>> one attached, which is what I was expecting. The one you attached
>> appears to
>
>> be missing some styling, which is likely what caused the Role to
>> Assign part
>
>> to be scrolled below the bottom of the page.
>
>>
>
>> Can you complete clear your cache (not shift reload, but
>> settings->clear
>
>> cache). If that doesn't work can you tell us the version of the
>> patternfly rpm
>
>> installed on your engine?
>
>>
>
>> Yes, I already did that, also opened the engine on different clients
>> and the behavior is the same, I believe this is not a client issue.
>> Patternfly package is patternfly1-1.3.0-1.el7.centos.noarch
>
Ok, this indeed seems like a graphics problem since I am seeing this
connecting to a machine through a VNC server and the Role combobox is
moved down out of the dialog.
However, the LDAP issue persists. When I choose the 'internal' domain, I
can search the 'admin' user successfully, however, if I set it to be the
LDAP domain, any search returns nothing.
Any hints or ideas how to debug this?
Thanks.
>>
>
>> Anyhow, I see there are lots of packages to update so I'll do so
>> within a few days and report results.
>
>>
>
>>>> >> All this is done with the admin at internal user, so I guess
>> this is not
>
>>>> >> a
>
>>>> >> self-permission issue.
>
>>>> >>
>
>>>> >> Interesting thing is that I can successfully log-in to the
>> user portal
>
>>>> >> with a LDAP based user and manage all the VMs assigned to
>> them.
>
>>>> >>
>
>>>> >> Just to see if there's been any configuration change, we also
>> run the
>
>>>> >> ovirt-engine-extension-aaa-ldap-setup tool, the configuration
>> it
>
>>>> >> returns
>
>>>> >> is pretty similar to ours, and even the test commands (Login,
>> Search)
>
>>>> >> work successfully (I can see search returning user's data
>> like name,
>
>>>> >> surname, ...). We even applied this configuration to engine
>> to see if
>
>>>> >> it
>
>>>> >> makes a difference but the result is the same, the search
>> dialog
>
>>>> >> returns
>
>>>> >> nothing and neither I can see the permission to grant.
>
>>>> >>
>
>>>> >> Any hint about this?
>
>>>> >
>
>>>> > Maybe you hit similar issue to this one[1].
>
>>>> >
>
>>>> > Can you please share engine.log, while you hit search button?
>
>>>>
>
>>>> I'm also attaching the log at the time I hit the search button,
>> but I'm
>
>>>> afraid there's no entry about that.
>
>>>>
>
>>>> Thanks.
>
>>>>
>
>>>> > [1] https [2]://bugzilla.redhat.com/show_bug.cgi?id=1356675
>> [2]
>
>>>> >
>
>>>> >> Thanks
>
>>>> >> _______________________________________________
>
>>>> >> Users mailing list
>
>>>> >> Users at ovirt.org
>
>>>> >> http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/
>> [3]users [3]
>
>>>
>
>>> _______________________________________________
>
>>> Users mailing list
>
>>> Users at ovirt.org
>
>>> http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/
>> [3]users [3]
>
>> _______________________________________________
>
>> Users mailing list
>
>> Users at ovirt.org
>
>> http [3]://lists.ovirt.org/ [3]mailman [3]/ [3]listinfo [3]/
>> [3]users [3]
>
>>
>
>
>
> Links:
> ------
> [1] http://4.0.1.1
> [2] https://bugzilla.redhat.com/show_bug.cgi?id=1356675
> [3] http://lists.ovirt.org/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
More information about the Users
mailing list