[ovirt-users] FreeIPA with ovirt 4.1

[Ondra Machacek]

On Feb 4, 2017 1:21 AM, "Slava Bendersky" <volga629 at networklab.ca> wrote:

Hello Everyone,
Having trouble implement  FreeIPA authentication with GSSAPI SSO  and ovirt
4.1. I ran setup and it finished OK then it wrote the files bellow. Next I
log to web admin with internal user and added FeeIPA user as SuperUser
role. Also I added under System FreeIPA group authorized to login on any
attempt to login with FreeIPA credentials getting message


2017-02-04 00:03:08,464Z ERROR
[org.ovirt.engine.core.sso.servlets.InteractiveAuthServlet]
(default task-6) [] Internal Server Error: Unsupported command
2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.utils.SsoUtils]
(default task-6) [] Unsupported command
2017-02-04 00:03:08,659Z ERROR
[org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet]
(default task-3) [] server_error: Unsupported command


Ravi, do you know what this can cause?



Also when in extensions.d directory contain the following files. If I
remove mydomain.lan-authn.properties then in web ui FreeIPA domain not
showing up in drop down list. Any http don't have influence on this.


That is correct behavior, we dont show profiles, which uses http for authn.


[root at vhe00 extensions.d]# pwd
/etc/ovirt-engine/extensions.d

[root at vhe00 extensions.d]# ls
mydomain.lan-authn.properties mydomain.lan-http-authn.properties
mydomain.lan.properties      internal-authz.properties
mydomain.lan-authz.properties mydomain.lan-http-mapping.properties
 internal-authn.properties
[root at vhe00 extensions.d]#


If possible clarify how it should be and what is possible issue.


Can you please take a look to /var/log/httpd/ssl_error_log if any errors
there?




Slava.

_______________________________________________
Users mailing list
Users at ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20170204/15330a45/attachment.html>