[ovirt-users] FreeIPA authentication broken
Kristian Petersen
nesretep at chem.byu.edu
Mon Apr 23 14:30:10 UTC 2018
Hey everyone,
I had FreeIPA authentication set up on my oVirt instance and it was working
great. Then something happened that disconnected my NFS storage and caused
a problem with my hosted-engine. Once I got it back up and running again,
my FreeIPA authentication was sill a choice for authentication, but it
always rejects my password even though it is correct. I have tried running
the setup again to no avail. Nothing shows up in the httpd error log when
the login fails. The engine.log from ovirt-engine in /var/log shows the
following upon attempting to authenticate with a user from freeIPA:
2018-04-23 08:08:24,384-06 WARN
[org.ovirt.engineextensions.aaa.ldap.Framework] (default task-34) []
Ignoring records from pool: 'authz'
2018-04-23 08:08:24,384-06 ERROR
[org.ovirt.engine.core.sso.servlets.InteractiveAuthServlet] (default
task-34) [] Cannot authenticate user 'nesretep at IPA' connecting from
'UNKNOWN': The username or password is incorrect.
I'm not sure why 'authz' is being ignored but it is certainly why IPA
authentication isn't working as 'username at authz' is how IPA logins show up
in oVirt when they do work. Any ideas where to look next?
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180423/1001a49d/attachment.html>
More information about the Users
mailing list