[ovirt-users] FreeIPA with ovirt 4.1
Slava Bendersky
volga629 at networklab.ca
Sat Feb 4 00:20:55 UTC 2017
Hello Everyone,
Having trouble implement FreeIPA authentication with GSSAPI SSO and ovirt 4.1. I ran setup and it finished OK then it wrote the files bellow. Next I log to web admin with internal user and added FeeIPA user as SuperUser role. Also I added under System FreeIPA group authorized to login on any attempt to login with FreeIPA credentials getting message
2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.servlets.InteractiveAuthServlet] (default task-6) [] Internal Server Error: Unsupported command
2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-6) [] Unsupported command
2017-02-04 00:03:08,659Z ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-3) [] server_error: Unsupported command
Also when in extensions.d directory contain the following files. If I remove mydomain.lan-authn.properties then in web ui FreeIPA domain not showing up in drop down list. Any http don't have influence on this.
[root at vhe00 extensions.d]# pwd
/etc/ovirt-engine/extensions.d
[root at vhe00 extensions.d]# ls
mydomain.lan-authn.properties mydomain.lan -http-authn.properties mydomain.lan .properties internal-authz.properties
mydomain.lan -authz.properties mydomain.lan -http-mapping.properties internal-authn.properties
[root at vhe00 extensions.d]#
If possible clarify how it should be and what is possible issue.
Slava.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20170203/5972693d/attachment.html>
More information about the Users
mailing list