[ovirt-users] oVirt 4.0.4 and Active Directory Kerberos SSO for Administration/User Portal. Troubleshooting
Ondra Machacek
omachace at redhat.com
Fri Sep 30 12:52:53 UTC 2016
On 09/30/2016 02:44 PM, aleksey.maksimov at it-kb.ru wrote:
> Hello oVirt guru`s!
>
> I set up oVirt integration with Active Directory LDAP according to the manual:
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.6/html/Administration_Guide/sect-Configuring_an_External_LDAP_Provider.html#Configuring_an_External_LDAP_Provider_ManualMethod
>
> I created a profile integration with my domain. All is working well.
>
> Now I'm trying to configure single sign-on for portals based on Kerberos.
>
> All settings are performed according to the manual:
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Virtualization/3.6/html/Administration_Guide/Configuring_LDAP_and_Kerberos_for_Single_Sign-on.html
>
> Kerberos client tested and working. However, SSO is not working.
So if you run kinit and then:
$ curl --negotiate -u : -X GET -H "Accept: application/xml" -k
https://fqdn/ovirt-engine/api
It's fine?
>
> Please tell me how to find the cause of the problem. What are the steps to troubleshooting to do?
On oVirt engine check:
/var/log/httpd/ssl_error_log
/var/log/ovirt-engine/engine.log
On AD check kerberos log.
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
More information about the Users
mailing list