[ovirt-users] Can't perform search after setting up an Active Directory
Alexis HAUSER
alexis.hauser at telecom-bretagne.eu
Thu May 26 08:56:20 UTC 2016
>Please don't port 636 for DNS server, 636 is only for LDAPS protocol:
>vars.dns = dns://one.of.adservers.com
Ok, but as I explained, even without using 636, the result is the same.
When using the option "pool.default.serverset.srvrecord.service = ldaps" and "dns://one.of.adservers.com"
I get the following error (it still trying to point to the wrong adress)
"{Extkey[name=EXTENSION_INVOKE_MESSAGE;type=class java.lang.String;uuid=EXTENSION_INVOKE_MESSAGE[b7b053de-dc73-4bf7-9d26-b8bdb72f5893];]=An error occurred while attempting to query DNS in order to retrieve SRV records with name 'ldaps._tcp.university.mydomain.com': javax.naming.NameNotFoundException: DNS name not found [response code 3]; remaining name 'ldaps._tcp.university.mydomain.com', Extkey[name=EXTENSION_INVOKE_RESULT;type=class java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=2}"
when disabling (commenting the line) "pool.default.serverset.srvrecord.service = ldaps" I get the following error :
"{Extkey[name=EXTENSION_INVOKE_MESSAGE;type=class java.lang.String;uuid=EXTENSION_INVOKE_MESSAGE[b7b053de-dc73-4bf7-9d26-b8bdb72f5893];]=An error occurred while attempting to connect to server one.of.adservers.com:389: java.io.IOException: LDAPException(resultCode=91 (connect error), errorMessage='Unable to verify an attempt to to establish a secure connection to 'one.of.adservers.com:389' because an unexpected error was encountered during validation processing: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated') caused by LDAPException(resultCode=91 (connect error), errorMessage='Unable to verify an attempt to to establish a secure connection to 'one.of.adservers.com:389' because an unexpected error was encountered during validation processing: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated')LDAPException(resultCode=91 (connect error), errorMessage='Unable to verify an attempt to to establish a secure connection to 'one.of.adservers.com:389' because an unexpected error was encountered during validation processing: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated') caused by javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated, Extkey[name=EXTENSION_INVOKE_RESULT;type=class java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=2}"
So I think I need a way to combine both of them, but using the right dns, what option can do that ?
More information about the Users
mailing list