----- Original Message ----- > From: "Grzegorz Szypa" <grzegorz.sz...@gmail.com> > To: "Martin Perina" <mper...@redhat.com>, users@ovirt.org > Sent: Wednesday, September 24, 2014 11:19:27 AM > Subject: Re: [ovirt-users] [ovirt 3.4.3] No KDC can be obtained for domain... > after using engine-manage-domains edit > > Hi. > > It's a little strange, because I can easily attach clients (VMs) to the > Microsoft AD domain. Only sometimes there are problems with connectivity, > but I will solve this in two ways: add the DNS suffix or adds a static > primary DNS, which indicates domain. > > /etc/resolv.conf > nameserver 172.30.30.253 # DNS and AD server > nameserver 172.30.30.1 # Router - DHCP > search szypa.net > > By the way, is also one strange thing: > > Every time when I inserted record "nameserver 172.30.30.253" to file > "resolv.conf" from time to time the file is overwritten / changed (I have > no idea how) and record "nameserver 172.30.30.253" disappears (just as you > would in general not been added).
It depends what is your network configuration. If you are using static IP, then network configuration is defined in /etc/sysconfig/network-scripts/ifcfg-XXX (XXX is the name of device) using DNSx params. In you case DNS1=172.30.30.25 DNS2=172.30.30.1 If you are using DHCP, then /etc/resolv.conf is usually altered on IP address renewal. > > *And in all this is the cause that generates the problem.* > > *So I think that the problem are solved, but i do not know how to resolve a > problem with hidding configuration in /etc/resolv.conf* > > Regards, > > *Grzegorz Szypa* > > > 2014-09-24 8:03 GMT+02:00 Martin Perina <mper...@redhat.com>: > > > Hi, > > > > I looked at the logs and you have serious DNS problems: > > > > 2014-09-24 07:32:24,984 ERROR > > [org.ovirt.engine.core.bll.adbroker.GetRootDSE] > > (DefaultQuartzScheduler_Worker-15) Failed to query rootDSE for LDAP server > > ldap://szypa.net:389 due to szypa.net:389 > > 2014-09-24 07:32:24,984 ERROR > > [org.ovirt.engine.core.bll.adbroker.DirectorySearcher] > > (DefaultQuartzScheduler_Worker-15) Failed ldap search server ldap:// > > szypa.net:389 using user ov...@szypa.net due to > > javax.naming.CommunicationException: szypa.net:389 [Root exception is > > java.net.UnknownHostException: szypa.net]. We should try the next server > > > > You cannot authenticate your users, because LDAP server ldap:// > > szypa.net:389 > > cannot be resolved. Are you able to resolve szypa.net on you engine host? > > > > > > > > ----- Original Message ----- > > > From: "Grzegorz Szypa" <grzegorz.sz...@gmail.com> > > > To: "Martin Perina" <mper...@redhat.com>, users@ovirt.org > > > Sent: Wednesday, September 24, 2014 7:32:56 AM > > > Subject: Re: [ovirt-users] [ovirt 3.4.3] No KDC can be obtained for > > domain... after using engine-manage-domains edit > > > > > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1 <<>> SRV _kerberos._ > > > tcp.szypa.net > > > ;; global options: +cmd > > > ;; Got answer: > > > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65248 > > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > > > > > > ;; QUESTION SECTION: > > > ;_kerberos._tcp.szypa.net. IN SRV > > > > > > ;; AUTHORITY SECTION: > > > net. 890 IN SOA a.gtld-servers.net. > > > nstld.verisign-grs.com. 1411536712 1800 900 604800 86400 > > > > > > ;; Query time: 28 msec > > > ;; SERVER: 172.30.30.1#53(172.30.30.1) > > > ;; WHEN: Wed Sep 24 07:32:23 2014 > > > ;; MSG SIZE rcvd: 115 > > > > > > This looks like that szypa.net domain doesn't exist at all. Do you really > > have > > correct DNS configuration on engine host? > > > > > > > > > > > 2014-09-24 7:06 GMT+02:00 Martin Perina <mper...@redhat.com>: > > > > > > > Hi, > > > > > > > > the error message mean, that we cannot find any KDC servers > > > > in DNS. Could you please post results of the following command: > > > > > > > > dig SRV _kerberos._tcp.szypa.net > > > > > > > > Regarding the errors after oVirt restart, could you please post > > > > your engine.log? > > > > > > > > Thanks > > > > > > > > Martin Perina > > > > > > > > > > > > ----- Original Message ----- > > > > > From: "Grzegorz Szypa" <grzegorz.sz...@gmail.com> > > > > > To: fkob...@redhat.com, users@ovirt.org > > > > > Sent: Tuesday, September 23, 2014 3:41:02 PM > > > > > Subject: [ovirt-users] [ovirt 3.4.3] No KDC can be obtained for > > > > domain... after using engine-manage-domains edit > > > > > > > > > > Hi. > > > > > > > > > > I have a problem with losting connetction to Windows Active > > Directory. > > > > > > > > > > Normaly I connect ovirt with AD like this: > > > > > > > > > > "engine-manage-domains add --domain= szypa.net --provider=ad > > > > --user=ovirt > > > > > --add-permissions" > > > > > > > > > > After period time, example when i restart ovirt, connection is lost > > > > becouse i > > > > > cannot add new user created in AD, so i thinking that i refresh conf. > > > > > connection to ad: > > > > > > > > > > "engine-manage-domains edit --domain= szypa.net --provider=ad > > > > --user=ovirt > > > > > --add-permissions" > > > > > > > > > > and i get this error: > > > > > > > > > > No KDC can be obtained for domain szypa.net > > > > > > > > > > have any idea? > > > > > > > > > > I read that this problem is resolved in previous ovirt version > > > > > > > > > > -- > > > > > G.Sz. > > > > > > > > > > _______________________________________________ > > > > > Users mailing list > > > > > Users@ovirt.org > > > > > http://lists.ovirt.org/mailman/listinfo/users > > > > > > > > > > > > > > > > > > > > > -- > > > G.Sz. > > > > > > > > > -- > G.Sz. > _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users