[ovirt-users] Fwd: FreeIPA authentication broken
Kristian Petersen
nesretep at chem.byu.edu
Wed Apr 25 16:20:02 UTC 2018
I restarted the service and it is working beautifully again. Thank you for
you time and effort in helping me.
As for what caused this mess...
My hosted engine crashed after it's storage was temporarily disconnected by
an automatic application of an update which then rebooted the NAS. After I
was able to get the engine back up, but running my IPA logins didn't work
anymore and I had no idea why that would be. I hadn't changed anything in
relation to any of that so it made little sense why it stopped working.
On Wed, Apr 25, 2018 at 1:39 AM, Ondra Machacek <omachace at redhat.com> wrote:
> Yep, you need to restart ovirt-engine service so the changes take
> effect.
>
> Anyway, we need to figure out what removed your IPA.properties and
> IPA.jks file. What did you do before it stop work?
>
> On 04/25/2018 12:37 AM, Kristian Petersen wrote:
>
>>
>> ---------- Forwarded message ----------
>> From: *Kristian Petersen* <nesretep at chem.byu.edu <mailto:
>> nesretep at chem.byu.edu>>
>> Date: Tue, Apr 24, 2018 at 12:38 PM
>> Subject: Re: [ovirt-users] FreeIPA authentication broken
>> To: Ondra Machacek <omachace at redhat.com <mailto:omachace at redhat.com>>
>>
>>
>> That directory only contains internal.properties. So I copied the
>> IPA.properties, IPA-authn.properties, and IPA.jks files all into the 'aaa'
>> subdirectory and set ownership and permissions as you directed. I reran
>> the command you gave me initially and it prompted me for a password for the
>> user when entered the process exited with status 0. However, the web
>> interface still isn't letting me log in. Do I need to restart a service
>> for the changes to be effective in the web UI?
>>
>> On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek <omachace at redhat.com
>> <mailto:omachace at redhat.com>> wrote:
>>
>> Right, you are missing file /etc/ovirt-engine/aaa/IPA.properties
>>
>> It's not subdirectory of /etc/ovirt-engine/extensions.d, but it's in
>> /etc/ovirt-engine/ in 'aaa' subdirectory, can you check what's there?
>> Please check also the correct permissions of that file, it should be
>> '600' and owned by ovirt user.
>>
>>
>> On 04/23/2018 10:25 PM, Kristian Petersen wrote:
>>
>> Looks like it can't find the IPA.properties file. I tried
>> following the path it is complaining about but there are only
>> files in /etc/ovirt-engine/extensions.d on the engine VM. No
>> subdirectories. However, that directory appears to contain the
>> files it is looking for. Both IPA-authn.properties and
>> IPA.properties are there as are the internal properties files.
>> Is there a config file we can edit to tell it to look in the
>> right place?
>>
>>
>>
>>
>> --
>> Kristian Petersen
>> System Administrator
>> BYU Dept. of Chemistry and Biochemistry
>>
>>
>>
>> --
>> Kristian Petersen
>> System Administrator
>> BYU Dept. of Chemistry and Biochemistry
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180425/f6d39b2f/attachment.html>
More information about the Users
mailing list