[ovirt-users] broken authz
Fabrice Bacchella
fabrice.bacchella at orange.fr
Mon Aug 21 11:00:31 UTC 2017
Since a few days, I can't connect any more to ovirt. I'm using an ldap authz.
In the log I see:
2017-08-21 11:41:56,513+01 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (default task-14) [] Creating SearchRequest
2017-08-21 11:41:56,514+01 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (default task-14) [] SearchRequest: SearchRequest(baseDN='CN=Partitions,', scope=SUB, deref=NEVER, sizeLimit=0, timeLimit=0, filter='&(objectClass=crossRef)(nCName=)(nETBIOSName=*)', attrs={nCName, dnsRoot})
2017-08-21 11:41:56,514+01 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (default task-14) [] getConnectionPoolEntry Entry name='authz', dn='CN=Partitions,'
2017-08-21 11:41:56,514+01 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (default task-14) [] Sequence ad-open-vars default domain failed due to exception: Unexpected comma or semicolon found at the end of the DN string.
2017-08-21 11:41:56,514+01 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (default task-14) [] Exception during sequence: LDAPException(resultCode=34 (invalid DN syntax), errorMessage='Unexpected comma or semicolon found at the end of the DN string.')
at com.unboundid.ldap.sdk.DN.<init>(DN.java:629) [unboundid-ldapsdk.jar:3.2.0]
at com.unboundid.ldap.sdk.DN.normalize(DN.java:1483) [unboundid-ldapsdk.jar:3.2.0]
at com.unboundid.ldap.sdk.DN.normalize(DN.java:1460) [unboundid-ldapsdk.jar:3.2.0]
at org.ovirt.engineextensions.aaa.ldap.Framework.getDNDomainComponent(Framework.java:235) [ovirt-engine-extension-aaa-ldap.jar:]
at org.ovirt.engineextensions.aaa.ldap.Framework.getConnectionPoolEntry(Framework.java:827) [ovirt-engine-extension-aaa-ldap.jar:]
Indeed it's looking for 'CN=Partitions,'. But that's not in my ovirt's configuration. So it's must be coming from AD. But I was unable to find it. I think I will need it to report it to my AD admins.
More information about the Users
mailing list