[ovirt-users] Fwd: FreeIPA authentication broken

Enrico Becchetti enrico.becchetti at pg.infn.it
Thu Apr 26 09:43:43 UTC 2018 

   Dear All,
I'm following this thread because thinking to SAML ovirt integration. 
Can you help me ?
Does ovirt support this kind of authentication ? Could you send me more 
information or
a link to guide ?
Thanks a lot.
Best Regards
Enrico


Il 25/04/2018 18:20, Kristian Petersen ha scritto:
> I restarted the service and it is working beautifully again.  Thank 
> you for you time and effort in helping me.
>
> As for what caused this mess...
> My hosted engine crashed after it's storage was temporarily 
> disconnected by an automatic application of an update which then 
> rebooted the NAS.  After I was able to get the engine back up, but 
> running my IPA logins didn't work anymore and I had no idea why that 
> would be.  I hadn't changed anything in relation to any of that so it 
> made little sense why it stopped working.
>
> On Wed, Apr 25, 2018 at 1:39 AM, Ondra Machacek <omachace at redhat.com 
> <mailto:omachace at redhat.com>> wrote:
>
>     Yep, you need to restart ovirt-engine service so the changes take
>     effect.
>
>     Anyway, we need to figure out what removed your IPA.properties and
>     IPA.jks file. What did you do before it stop work?
>
>     On 04/25/2018 12:37 AM, Kristian Petersen wrote:
>
>
>         ---------- Forwarded message ----------
>         From: *Kristian Petersen* <nesretep at chem.byu.edu
>         <mailto:nesretep at chem.byu.edu> <mailto:nesretep at chem.byu.edu
>         <mailto:nesretep at chem.byu.edu>>>
>         Date: Tue, Apr 24, 2018 at 12:38 PM
>         Subject: Re: [ovirt-users] FreeIPA authentication broken
>         To: Ondra Machacek <omachace at redhat.com
>         <mailto:omachace at redhat.com> <mailto:omachace at redhat.com
>         <mailto:omachace at redhat.com>>>
>
>
>         That directory only contains internal.properties.  So I copied
>         the IPA.properties, IPA-authn.properties, and IPA.jks files
>         all into the 'aaa' subdirectory and set ownership and
>         permissions as you directed.  I reran the command you gave me
>         initially and it prompted me for a password for the user when
>         entered the process exited with status 0.  However, the web
>         interface still isn't letting me log in.  Do I need to restart
>         a service for the changes to be effective in the web UI?
>
>         On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek
>         <omachace at redhat.com <mailto:omachace at redhat.com>
>         <mailto:omachace at redhat.com <mailto:omachace at redhat.com>>> wrote:
>
>             Right, you are missing file
>         /etc/ovirt-engine/aaa/IPA.properties
>
>             It's not subdirectory of /etc/ovirt-engine/extensions.d,
>         but it's in
>             /etc/ovirt-engine/ in 'aaa' subdirectory, can you check
>         what's there?
>             Please check also the correct permissions of that file, it
>         should be
>             '600' and owned by ovirt user.
>
>
>             On 04/23/2018 10:25 PM, Kristian Petersen wrote:
>
>                 Looks like it can't find the IPA.properties file.  I tried
>                 following the path it is complaining about but there
>         are only
>                 files in /etc/ovirt-engine/extensions.d on the engine
>         VM.  No
>                 subdirectories.  However, that directory appears to
>         contain the
>                 files it is looking for.  Both IPA-authn.properties and
>                 IPA.properties are there as are the internal
>         properties files.         Is there a config file we can edit
>         to tell it to look in the
>                 right place?
>
>
>
>
>         -- 
>         Kristian Petersen
>         System Administrator
>         BYU Dept. of Chemistry and Biochemistry
>
>
>
>         -- 
>         Kristian Petersen
>         System Administrator
>         BYU Dept. of Chemistry and Biochemistry
>
>
>         _______________________________________________
>         Users mailing list
>         Users at ovirt.org <mailto:Users at ovirt.org>
>         http://lists.ovirt.org/mailman/listinfo/users
>         <http://lists.ovirt.org/mailman/listinfo/users>
>
>
>
>
> -- 
> Kristian Petersen
> System Administrator
> BYU Dept. of Chemistry and Biochemistry
>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users


-- 
_______________________________________________________________________

Enrico Becchetti                    Servizio di Calcolo e Reti

Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica  06123 Perugia (ITALY)
Phone:+39 075 5852777             Mail: Enrico.Becchetti<at>pg.infn.it
______________________________________________________________________

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20180426/9858c764/attachment.html>

More information about the Users mailing list