[ovirt-users] oVirt AD integration problems

cmc iucounu at gmail.com
Wed Sep 28 15:14:40 UTC 2016


I'm trying to use the directory services provided by the
ovirt-engine-extension-aaa-ldap, and I can get it to successfully login
when I run the tests in the setup script, but when I login via the GUI, it
gives me:

unexpected error was encountered during validation processing:
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated'

and fails login. It looks a bit like it is expecting to already be joined
to the domain, so I tried doing that manually via realmd and sssd. It
involved installing a lot of packages, such as kerberos and samba, which I
am nervous about on an engine host. Anyway, once I was joined, it still
gives me the same 'peer not authenticated' message. Does it need to be
separately bound to the domain, i.e., do you need all the other stuff
installed and running for it to work, or is the
ovirt-engine-extension-aaa-ldap package all that is needed?

Anyway, I ran the ovirt-engine-extensions-tool --log-level=FINEST
--log-file=/tmp/aaa.log aaa search --extension-name=domain-authz command
suggested in an earlier post, and it only gave me one exception, which was:

2016-09-28 16:08:15 SEVERE  Extension domain-authz could not be found
2016-09-28 16:08:15 FINE    Exception:
org.ovirt.engine.core.extensions.mgr.ConfigurationException: Extension
domain-authz could not be found

Thanks for any help,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20160928/617744f9/attachment-0001.html>

More information about the Users mailing list