Hello everyone.
So i don't know what i'm doing wrong but this doesn't seem to work, i already
made the confgurations needed on the ovirt-engine-extension-aaa-ldap i'm a
little desperate here.
I'm going to put all the commands that i already made and the errors that they
give:
- ovirt-engine-e
1 - I'm using option 9, but i already tried the users that i have on the ldap a
none seems to work to bind.
2 - I was trying the 2 diferent aproaches by ip and hostname.
3 - The ldapadm is supose to be the LDAP Manager so my point is to bind that
user.
4 - None of the profiles seems to work b
1 - Result of the command:
[root@ovirt ~]# ldapsearch -x -b "ou=People,dc=lab,dc=local" -s sub -h
192.168.16.114 -p 389 -D "uid=node1,ou=People,dc=lab,dc=local" -W 'uid=node1'
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base with scope subtree
# filter: uid=node1
# requesting: ALL
#
# nod
It gives the same error that can't connect because of invalid credentials and
when i try to put the hostname on the option of Single Server it can't resolve
the host but when i ping him i can resolve it.
[root@ovirt ~]# ovirt-engine-extension-aaa-ldap-setup
[ INFO ] Stage: Initializing
[ INFO
So when i choose to use DNS and put on Single Server the ldap.lab.local it
can't be resolved for some reason but when i ping him with the hostname it can
make communication.
[root@ovirt ~]# ovirt-engine-extension-aaa-ldap-setup
[ INFO ] Stage: Initializing
[ INFO ] Stage: Environment setup
Even with that adjustments it gives the error of invalid credentials for the
user i specified in test login flow:
[root@ovirt ~]# ovirt-engine-extension-aaa-ldap-setup
[ INFO ] Stage: Initializing
[ INFO ] Stage: Environment setup
Configuration files:
['/etc/ovirt-engine-extension-a
[root@ovirt ~]# rpm -qa ovirt-engine
ovirt-engine-4.2.8.2-1.el7.noarch
[root@ovirt ~]# rpm -qa ovirt-engine-extension-aaa-ldap-setup
ovirt-engine-extension-aaa-ldap-setup-1.3.8-1.el7.noarch
LOGS /var/log/ovirt-engine/engine.log that basically are always like this:
2019-05-30 16:27:20,594+01 INFO
Note: The user that i used "System Administrator (RO)" it's a user that i
created for test with the id of users 1005 if i'm not mistaken.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement:
Ok the problem is solved the users can be seen on the Web-UI, thank you!
But another problem as arrived because this was only the laboratory, now when i
trie to do the setup between the Ovirt and the OpenLDAP in production the error
it gives is this:
[root@ovirt aaa]# ovirt-engine-extension-aaa
This is kind of funny but our OpenLDAP in production doesn't have any kind of
certificate.
I used 8 option for the lab.local so i was trying to do the same for the
OpenLDAP in production but they give the same error.
Note: The machine is in Azure but we have tested a rule on the firewall of
Az
I finally did it, i replicated the files from the lab to the production and
it's now working.
I'm gonna leave here the configuration of the files to the future someone who
is with difficulties:
[root@ovirt extensions.d]# cat example.com-authn.properties
ovirt.engine.extension.name = example.c
Hello,
So we have LDAP Authentication configured on Ovirt with aaa-extension, but the
users of LDAP are constantly not being able to login, but when i restart
ovirt-engine they can login again, but after some time they can't again bellow
i will leave some logs:
2019-10-25 13:38:20,287+01 ERROR
12 matches
Mail list logo