Re: [ovirt-users] FreeIPA authentication broken

2018-04-24 Thread Ondra Machacek
Right, you are missing file /etc/ovirt-engine/aaa/IPA.properties It's not subdirectory of /etc/ovirt-engine/extensions.d, but it's in /etc/ovirt-engine/ in 'aaa' subdirectory, can you check what's there? Please check also the correct permissions of that file, it should be '600' and owned by

Re: [ovirt-users] FreeIPA authentication broken

2018-04-23 Thread Kristian Petersen
Looks like it can't find the IPA.properties file. I tried following the path it is complaining about but there are only files in /etc/ovirt-engine/extensions.d on the engine VM. No subdirectories. However, that directory appears to contain the files it is looking for. Both IPA-authn.properties

Re: [ovirt-users] FreeIPA authentication broken

2018-04-23 Thread Kristian Petersen
After running ovirt-engine-extensions-tool --log-level=FINEST --log-file=/tmp/aaa.log aaa login-user --user-name nesretep --profile IPA... *Contents of /tmp/aaa.log:* 2018-04-23 14:10:58,771-06 FINEVersion: ovirt-engine-4.2.1.7 () 2018-04-23 14:10:58,856-06 INFO

Re: [ovirt-users] FreeIPA authentication broken

2018-04-23 Thread Ondra Machacek
On 04/23/2018 04:30 PM, Kristian Petersen wrote: Hey everyone, I had FreeIPA authentication set up on my oVirt instance and it was working great.  Then something happened that disconnected my NFS storage and caused a problem with my hosted-engine.  Once I got it back up and running again, my

[ovirt-users] FreeIPA authentication broken

2018-04-23 Thread Kristian Petersen
Hey everyone, I had FreeIPA authentication set up on my oVirt instance and it was working great. Then something happened that disconnected my NFS storage and caused a problem with my hosted-engine. Once I got it back up and running again, my FreeIPA authentication was sill a choice for

Re: [ovirt-users] FreeIPA with ovirt 4.1

2017-02-15 Thread Ondra Machacek
<volga...@networklab.ca> > wrote: >> Hello Everyone, >> Anything else possible to check ? >> >> Slava. >> >> >> From: "Slava Bendersky" <volga...@networklab.ca> >> To: "Ondra Machacek" <

Re: [ovirt-users] FreeIPA with ovirt 4.1

2017-02-10 Thread Slava Bendersky
ne.core.sso\") ]' not found", "rolled-back" => true } Slava, From: "Ondra Machacek" <omach...@redhat.com> To: "Slava Bendersky" <volga...@networklab.ca> Cc: "users" <users@ovirt.org> Sent: Thursday, February 9, 2017 2:31:16

Re: [ovirt-users] FreeIPA with ovirt 4.1

2017-02-09 Thread Ondra Machacek
: > Hello Everyone, > Anything else possible to check ? > > Slava. > > > From: "Slava Bendersky" <volga...@networklab.ca> > To: "Ondra Machacek" <omach...@redhat.com> > Cc: "users" <users@ovirt.org&

Re: [ovirt-users] FreeIPA with ovirt 4.1

2017-02-09 Thread Slava Bendersky
Hello Everyone, Anything else possible to check ? Slava. From: "Slava Bendersky" <volga...@networklab.ca> To: "Ondra Machacek" <omach...@redhat.com> Cc: "users" <users@ovirt.org> Sent: Saturday, February 4, 2017 2:27:31 PM Subject: Re: [o

Re: [ovirt-users] FreeIPA with ovirt 4.1

2017-02-04 Thread Slava Bendersky
;users" <users@ovirt.org>, "Ravi" <rn...@redhat.com> Sent: Saturday, February 4, 2017 10:35:31 AM Subject: Re: [ovirt-users] FreeIPA with ovirt 4.1 On Feb 4, 2017 1:21 AM, "Slava Bendersky" < [ mailto:volga...@networklab.ca | volga...@networklab.ca ]

Re: [ovirt-users] FreeIPA with ovirt 4.1

2017-02-04 Thread Ondra Machacek
On Feb 4, 2017 1:21 AM, "Slava Bendersky" wrote: Hello Everyone, Having trouble implement FreeIPA authentication with GSSAPI SSO and ovirt 4.1. I ran setup and it finished OK then it wrote the files bellow. Next I log to web admin with internal user and added FeeIPA

[ovirt-users] FreeIPA with ovirt 4.1

2017-02-03 Thread Slava Bendersky
Hello Everyone, Having trouble implement FreeIPA authentication with GSSAPI SSO and ovirt 4.1. I ran setup and it finished OK then it wrote the files bellow. Next I log to web admin with internal user and added FeeIPA user as SuperUser role. Also I added under System FreeIPA group authorized

Re: [ovirt-users] FreeIPA

2015-09-23 Thread Ondra Machacek
*De: *"Ondra Machacek" <omach...@redhat.com> *Para: *supo...@logicworks.pt, users@ovirt.org *Enviadas: *Quarta-feira, 23 De Setembro de 2015 7:40:12 *Assunto: *Re: [ovirt-users] FreeIPA Just for clarification - ovirt-engine-extension-aaa-ldap-setup is available from oVi

Re: [ovirt-users] FreeIPA

2015-09-23 Thread Ondra Machacek
edhat.com> *Para: *supo...@logicworks.pt *Cc: *users@ovirt.org *Enviadas: *Quarta-feira, 23 De Setembro de 2015 12:50:46 *Assunto: *Re: [ovirt-users] FreeIPA You don't have to do anything on IPA side, just create users/groups. OK, nothing in the log at INFO level, initialization succeed, so can you plea

Re: [ovirt-users] FreeIPA

2015-09-23 Thread Ondra Machacek
rue' *De: *"Ondra Machacek" <omach...@redhat.com> *Para: *supo...@logicworks.pt *Cc: *users@ovirt.org *Enviadas: *Quarta-feira, 23 De Setembro de 2015 15:02:54 *Assunto: *Re: [ovirt-users] FreeIPA Try this[1] easier approach. [1] https://gerrit

Re: [ovirt-users] FreeIPA

2015-09-23 Thread suporte
achacek" <omach...@redhat.com> Para: supo...@logicworks.pt Cc: users@ovirt.org Enviadas: Quarta-feira, 23 De Setembro de 2015 12:50:46 Assunto: Re: [ovirt-users] FreeIPA You don't have to do anything on IPA side, just create users/groups. OK, nothing in the log at INFO level, initiali

Re: [ovirt-users] FreeIPA

2015-09-23 Thread Ondra Machacek
at.com> *Para: *supo...@logicworks.pt *Cc: *users@ovirt.org *Enviadas: *Quarta-feira, 23 De Setembro de 2015 16:39:05 *Assunto: *Re: [ovirt-users] FreeIPA As you can see in exception you have trailing space at the end of your fqdn of IPA, please remove the trailing space in propert

Re: [ovirt-users] FreeIPA

2015-09-23 Thread suporte
a lot - Mensagem original - De: "Ondra Machacek" <omach...@redhat.com> Para: supo...@logicworks.pt Cc: users@ovirt.org Enviadas: Quarta-feira, 23 De Setembro de 2015 16:39:05 Assunto: Re: [ovirt-users] FreeIPA As you can see in exception you have trailing space at

Re: [ovirt-users] FreeIPA

2015-09-23 Thread Ondra Machacek
iadas: *Sexta-feira, 18 De Setembro de 2015 15:48:22 *Assunto: *Re: [ovirt-users] FreeIPA - Original Message - > From: supo...@logicworks.pt > To: "users" <users@ovirt.org> > Sent: Friday, September 18, 2015 5:45:18 PM > Subject: [ovirt-users] FreeIPA > >

Re: [ovirt-users] FreeIPA

2015-09-23 Thread suporte
..@redhat.com> Para: supo...@logicworks.pt, users@ovirt.org Enviadas: Quarta-feira, 23 De Setembro de 2015 7:40:12 Assunto: Re: [ovirt-users] FreeIPA Just for clarification - ovirt-engine-extension-aaa-ldap-setup is available from oVirt 3.6 Can you send engine.log, hard to say what's wrong fr

Re: [ovirt-users] FreeIPA

2015-09-22 Thread Ravi Nori
*supo...@logicworks.pt *Cc: *"users" <users@ovirt.org> *Enviadas: *Sexta-feira, 18 De Setembro de 2015 15:48:22 *Assunto: *Re: [ovirt-users] FreeIPA - Original Message - > From: supo...@logicworks.pt > To: "users" <users@ovirt.org> > Sent: Friday,

Re: [ovirt-users] FreeIPA

2015-09-22 Thread suporte
uot;users" <users@ovirt.org> Enviadas: Sexta-feira, 18 De Setembro de 2015 15:48:22 Assunto: Re: [ovirt-users] FreeIPA - Original Message - > From: supo...@logicworks.pt > To: "users" <users@ovirt.org> > Sent: Friday, September 18, 2015 5:45:18 PM