[ovirt-users] oVirt - AD authentication Issues.

Michael Mortensen (MCMR) mcmr at oticon.com
Wed Apr 18 14:13:59 UTC 2018 

Hi,

Re. FQDN:
The full username is a combination of the full username from your AD, e.g. ban-mg01 at BANONE......net<mailto:ban-mg01 at BANONE......net>, and the internal domain which was configured during LDAP setup, e.g. "@internal" or in this case "@<domain>". During the setup you were asked to put a name or something and here you could put whatever - it has no real effect as far as I can tell. It could have been "@banone" for all oVirt cared, I believe.

Re. user login:
oVirt differs between being able to log in that is being authorized and logging into the portals. If you make sure your user account has admin privileges, you should be able to log into the administration portal, too. Check the permissions.


// Mike



From: users-bounces at ovirt.org [mailto:users-bounces at ovirt.org] On Behalf Of G, Maghesh Kumar (Nokia - IN/Bangalore)
Sent: 18. april 2018 11:27
To: users at ovirt.org
Subject: [ovirt-users] oVirt - AD authentication Issues.

Hi,


Description of problem:

Not able to perform operations like Administration portal or VM Portal.

Also not sure why FQDN appears twice!...

ERROR: The user ban-mg01 at BANONE.nsn-rdnet.net@BANONE.nsn-rdnet.net<mailto:ban-mg01 at BANONE.nsn-rdnet.net@BANONE.nsn-rdnet.net> is not authorized to perform login



oVirt Engine Version: Ovirt-4.2.2

Host is installed with RHEL 7.4





Actual results:

2018-04-18 14:35:51,388+05 INFO  [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-55) [27275ec2] Running command: CreateUserSessionCommand internal: false.
2018-04-18 14:35:51,412+05 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-55) [27275ec2] EVENT_ID: USER_VDC_LOGIN_FAILED(114), User ban-mg01 at BANONE.nsn-rdnet.net@BANONE.nsn-rdnet.net<mailto:ban-mg01 at BANONE.nsn-rdnet.net@BANONE.nsn-rdnet.net> connecting from '10.136.189.117' failed to log in.
2018-04-18 14:35:51,413+05 ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-55) [] The user ban-mg01 at BANONE.nsn-rdnet.net@BANONE.nsn-rdnet.net<mailto:ban-mg01 at BANONE.nsn-rdnet.net@BANONE.nsn-rdnet.net> is not authorized to perform login

[cid:image001.png at 01D3D730.41E6E790]


Please guide us how to proceed!..

Thank you!.

Regards,
Maghesh

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180418/b9eac6df/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 74863 bytes
Desc: image001.png
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180418/b9eac6df/attachment.png>

More information about the Users mailing list