Fantastic Ondra, nice Hawk Eye
It's working.
When I enter with a user name and click on console I get:
Could not connect to the agent on the guest, it may be unresponsive or not
installed.
As a result, some features may not work.
What kind of agent shoul I install on the guests?
Thaks a lot
----- Mensagem original -----
De: "Ondra Machacek" <omach...@redhat.com>
Para: supo...@logicworks.pt
Cc: users@ovirt.org
Enviadas: Quarta-feira, 23 De Setembro de 2015 16:39:05
Assunto: Re: [ovirt-users] FreeIPA
As you can see in exception you have trailing space at the end of your fqdn of
IPA, please remove the trailing space in properties file.
it's:
'ipa.acloud.pt ' <- trailing space
and should be:
'ipa.acloud.pt'
On 09/23/2015 05:30 PM, supo...@logicworks.pt wrote:
I can ping ipa server from engine, the log:
2015-09-23 16:24:50,504 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service thread 1-1)
[ovirt-engine-extension-aaa-ldap.authn::profile1-authn] Cannot initialize LDAP
framework, deferring initialization. Error: An error occurred while attempting
to resolve address 'ipa.acloud.pt ': java.net.UnknownHostException:
ipa.acloud.pt : Name or service not known
2015-09-23 16:24:50,504 DEBUG
[org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (MSC service thread 1-1)
Ignoring Exception: LDAPException(resultCode=91 (connect error),
errorMessage='An error occurred while attempting to resolve address
'ipa.acloud.pt ': java.net.UnknownHostException: ipa.acloud.pt : Name or
service not known')
at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:754)
[unboundid-ldapsdk.jar:2.3.7]
at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:709)
[unboundid-ldapsdk.jar:2.3.7]
at com.unboundid.ldap.sdk.LDAPConnection.<init>(LDAPConnection.java:533)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.SingleServerSet.getConnection(SingleServerSet.java:229)
[unboundid-ldapsdk.jar:2.3.7]
at com.unboundid.ldap.sdk.ServerSet.getConnection(ServerSet.java:98)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.LDAPConnectionPool.createConnection(LDAPConnectionPool.java:1088)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.LDAPConnectionPool.<init>(LDAPConnectionPool.java:1026)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.LDAPConnectionPool.<init>(LDAPConnectionPool.java:913)
[unboundid-ldapsdk.jar:2.3.7]
at
org.ovirt.engineextensions.aaa.ldap.Framework.createConnectionPool(Framework.java:595)
[ovirt-engine-extension-aaa-ldap.jar:]
at org.ovirt.engineextensions.aaa.ldap.Framework.createPool(Framework.java:632)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.Framework.runSequence(Framework.java:1362)
[ovirt-engine-extension-aaa-ldap.jar:]
at org.ovirt.engineextensions.aaa.ldap.Framework.open(Framework.java:667)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.AuthnExtension.ensureFramework(AuthnExtension.java:49)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.AuthnExtension.doInit(AuthnExtension.java:130)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.AuthnExtension.invoke(AuthnExtension.java:66)
[ovirt-engine-extension-aaa-ldap.jar:]
at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:749)
[unboundid-ldapsdk.jar:2.3.7]
2015-09-23 16:24:50,514 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) open Entry
2015-09-23 16:24:50,514 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) runSequence Entry name='simple-open-pools'
2015-09-23 16:24:50,514 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Running sequence simple-open-pools/010/pool-create
create authz pool
2015-09-23 16:24:50,515 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) VARS-BEGIN
2015-09-23 16:24:50,515 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) authz_enable = 1
2015-09-23 16:24:50,515 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) capability_credentialsChange = false
2015-09-23 16:24:50,515 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) capability_resucrsiveGroupResolution = false
2015-09-23 16:24:50,515 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) maxFilterSize = 50
2015-09-23 16:24:50,515 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) sensitiveKeys = , password, passwordNew
2015-09-23 16:24:50,515 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_attrGroupMemberDN = member
2015-09-23 16:24:50,516 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_attrMemberOf = memberOf
2015-09-23 16:24:50,516 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_attrsBaseDN = defaultNamingContext
2015-09-23 16:24:50,516 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_attrsBaseDNIndex = 0
2015-09-23 16:24:50,516 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_attrsGroupRecord = ipaUniqueID, cn, description
2015-09-23 16:24:50,516 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_attrsPrincipalRecord = ipaUniqueID, uid,
displayName, department, givenName, sn, title, mail, krbpasswordexpiration
2015-09-23 16:24:50,516 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_attrsUserName = uid
2015-09-23 16:24:50,516 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_bindFormat = dn
2015-09-23 16:24:50,517 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_filterGroupObject =
(objectClass=ipausergroup)(ipaUniqueID=*)
2015-09-23 16:24:50,517 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_filterUserObject =
(objectClass=person)(ipaUniqueID=*)
2015-09-23 16:24:50,517 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_groupLogic = member
2015-09-23 16:24:50,517 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) simple_principalPostFetch = ipa-post-principal-fetch
2015-09-23 16:24:50,517 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) stop = false
2015-09-23 16:24:50,517 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) VARS-END
2015-09-23 16:24:50,517 INFO [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1)
[ovirt-engine-extension-aaa-ldap.authz::profile1-authz] Creating LDAP pool
'authz'
2015-09-23 16:24:50,518 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) createPool Entry name='authz'
2015-09-23 16:24:50,518 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) createConnectionPool Entry
2015-09-23 16:24:50,518 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Creating LDAPConnectionOptions
2015-09-23 16:24:50,519 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) LDAPConnectionOptions:
LDAPConnectionOptions(autoReconnect=true, bindWithDNRequiresPassword=true,
followReferrals=false, useKeepAlive=true, useLinger=true,
lingerTimeoutSeconds=5, useReuseAddress=true, useSchema=false,
usePooledSchema=false, pooledSchemaTimeoutMillis=3600000,
useSynchronousMode=false, useTCPNoDelay=true, captureConnectStackTrace=false,
connectTimeoutMillis=5000, responseTimeoutMillis=60000, abandonOnTimeout=true,
maxMessageSize=20971520, receiveBufferSize=0, sendBufferSize=0,
allowConcurrentSocketFactoryUse=true,
sslSocketVerifierClass='com.unboundid.util.ssl.TrustAllSSLSocketVerifier')
2015-09-23 16:24:50,519 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Creating SocketFactory
2015-09-23 16:24:50,520 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Creating resolver
2015-09-23 16:24:50,520 DEBUG [org.ovirt.engineextensions.aaa.ldap.Resolver]
(MSC service thread 1-1) Open: Context: {java.naming.provider.url=dns://,
java.naming.factory.initial=com.sun.jndi.dns.DnsContextFactory}
2015-09-23 16:24:50,521 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Resolver:
Resolver(env='{java.naming.provider.url=dns://,
java.naming.factory.initial=com.sun.jndi.dns.DnsContextFactory}',
supportIPv6='false', cacheTTL='10000')
2015-09-23 16:24:50,521 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) SocketFactory:
org.ovirt.engineextensions.aaa.ldap.ResolverSocketFactory@6b281cdb
2015-09-23 16:24:50,521 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Creating ServerSet
2015-09-23 16:24:50,521 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) ServerSet: SingleServerSet(server=ipa.acloud.pt :389)
2015-09-23 16:24:50,521 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Creating BindRequest
2015-09-23 16:24:50,522 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) createBindRequest Entry type='simple', user=''
2015-09-23 16:24:50,522 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) createBindRequest Return
SimpleBindRequest(dn='uid=search,cn=users,cn=accounts,dc=acloud,dc=pt')
2015-09-23 16:24:50,522 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) BindRequest:
SimpleBindRequest(dn='uid=search,cn=users,cn=accounts,dc=acloud,dc=pt')
2015-09-23 16:24:50,522 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Creating LDAPConnectionPool
2015-09-23 16:24:50,522 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Sequence simple-open-pools create authz pool failed
due to exception: An error occurred while attempting to resolve address
'ipa.acloud.pt ': java.net.UnknownHostException: ipa.acloud.pt
2015-09-23 16:24:50,523 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework]
(MSC service thread 1-1) Exception during sequence: LDAPException(resultCode=91
(connect error), errorMessage='An error occurred while attempting to resolve
address 'ipa.acloud.pt ': java.net.UnknownHostException: ipa.acloud.pt ')
at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:754)
[unboundid-ldapsdk.jar:2.3.7]
at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:709)
[unboundid-ldapsdk.jar:2.3.7]
at com.unboundid.ldap.sdk.LDAPConnection.<init>(LDAPConnection.java:533)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.SingleServerSet.getConnection(SingleServerSet.java:229)
[unboundid-ldapsdk.jar:2.3.7]
at com.unboundid.ldap.sdk.ServerSet.getConnection(ServerSet.java:98)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.LDAPConnectionPool.createConnection(LDAPConnectionPool.java:1088)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.LDAPConnectionPool.<init>(LDAPConnectionPool.java:1026)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.LDAPConnectionPool.<init>(LDAPConnectionPool.java:913)
[unboundid-ldapsdk.jar:2.3.7]
at
org.ovirt.engineextensions.aaa.ldap.Framework.createConnectionPool(Framework.java:595)
[ovirt-engine-extension-aaa-ldap.jar:]
at org.ovirt.engineextensions.aaa.ldap.Framework.createPool(Framework.java:632)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.Framework.runSequence(Framework.java:1362)
[ovirt-engine-extension-aaa-ldap.jar:]
at org.ovirt.engineextensions.aaa.ldap.Framework.open(Framework.java:667)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.AuthzExtension.ensureFramework(AuthzExtension.java:152)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.AuthzExtension.doInit(AuthzExtension.java:503)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.AuthzExtension.invoke(AuthzExtension.java:433)
[ovirt-engine-extension-aaa-ldap.jar:]
at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:749)
[unboundid-ldapsdk.jar:2.3.7]
2015-09-23 16:24:50,531 WARN
[org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread 1-1)
[ovirt-engine-extension-aaa-ldap.authz::profile1-authz] Cannot initialize LDAP
framework, deferring initialization. Error: An error occurred while attempting
to resolve address 'ipa.acloud.pt ': java.net.UnknownHostException:
ipa.acloud.pt
2015-09-23 16:24:50,531 DEBUG
[org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread 1-1)
Ignoring Exception: LDAPException(resultCode=91 (connect error),
errorMessage='An error occurred while attempting to resolve address
'ipa.acloud.pt ': java.net.UnknownHostException: ipa.acloud.pt ')
at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:754)
[unboundid-ldapsdk.jar:2.3.7]
at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:709)
[unboundid-ldapsdk.jar:2.3.7]
at com.unboundid.ldap.sdk.LDAPConnection.<init>(LDAPConnection.java:533)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.SingleServerSet.getConnection(SingleServerSet.java:229)
[unboundid-ldapsdk.jar:2.3.7]
at com.unboundid.ldap.sdk.ServerSet.getConnection(ServerSet.java:98)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.LDAPConnectionPool.createConnection(LDAPConnectionPool.java:1088)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.LDAPConnectionPool.<init>(LDAPConnectionPool.java:1026)
[unboundid-ldapsdk.jar:2.3.7]
at
com.unboundid.ldap.sdk.LDAPConnectionPool.<init>(LDAPConnectionPool.java:913)
[unboundid-ldapsdk.jar:2.3.7]
at
org.ovirt.engineextensions.aaa.ldap.Framework.createConnectionPool(Framework.java:595)
[ovirt-engine-extension-aaa-ldap.jar:]
at org.ovirt.engineextensions.aaa.ldap.Framework.createPool(Framework.java:632)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.Framework.runSequence(Framework.java:1362)
[ovirt-engine-extension-aaa-ldap.jar:]
at org.ovirt.engineextensions.aaa.ldap.Framework.open(Framework.java:667)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.AuthzExtension.ensureFramework(AuthzExtension.java:152)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.AuthzExtension.doInit(AuthzExtension.java:503)
[ovirt-engine-extension-aaa-ldap.jar:]
at
org.ovirt.engineextensions.aaa.ldap.AuthzExtension.invoke(AuthzExtension.java:433)
[ovirt-engine-extension-aaa-ldap.jar:]
at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:749)
[unboundid-ldapsdk.jar:2.3.7]
2015-09-23 16:24:50,541 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-1) Instance name: 'profile1-authn', Extension name:
'ovirt-engine-extension-aaa-ldap.authn', Version: '1.0.2', Notes: 'Display
name: ovirt-engine-extension-aaa-ldap-1.0.2-1.el7', License: 'ASL 2.0', Home: '
http://www.ovirt.org ', Author 'The oVirt Project', Build interface Version:
'0', File: '/etc/ovirt-engine/extensions.d/profile1-authn.properties',
Initialized: 'true'
2015-09-23 16:24:50,542 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-1) Instance name: 'profile1-authz', Extension name:
'ovirt-engine-extension-aaa-ldap.authz', Version: '1.0.2', Notes: 'Display
name: ovirt-engine-extension-aaa-ldap-1.0.2-1.el7', License: 'ASL 2.0', Home: '
http://www.ovirt.org ', Author 'The oVirt Project', Build interface Version:
'0', File: '/etc/ovirt-engine/extensions.d/profile1-authz.properties',
Initialized: 'true'
----- Mensagem original -----
De: "Ondra Machacek" <omach...@redhat.com>
Para: supo...@logicworks.pt
Cc: users@ovirt.org
Enviadas: Quarta-feira, 23 De Setembro de 2015 15:02:54
Assunto: Re: [ovirt-users] FreeIPA
Try this[1] easier approach.
[1]
https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=aed09b5793e0352dc20812b4746dbd2d7898f292#l389
On 09/23/2015 03:58 PM, supo...@logicworks.pt wrote:
<blockquote>
well, when I run
# /usr/share/ovirt-engine-jboss-as/bin/jboss-cli.sh --connect --timeout=30000
--controller=localhost:8706 --user=admin@internal --commands="if (outcome !=
success) of
/subsystem=logging/logger=org.ovirt.engineextensions.aaa.ldap:read-attribute(name=level),/subsystem=logging/logger=org.ovirt.engineextensions.aaa.ldap:add,end-if,/subsystem=logging/logger=org.ovirt.engineextensions.aaa.ldap:write-attribute(name=level,value=ALL)"
get this error: Duplicate argument '--command'/'--commands'.
can't see why
----- Mensagem original -----
De: "Ondra Machacek" <omach...@redhat.com>
Para: supo...@logicworks.pt
Cc: users@ovirt.org
Enviadas: Quarta-feira, 23 De Setembro de 2015 12:50:46
Assunto: Re: [ovirt-users] FreeIPA
You don't have to do anything on IPA side, just create users/groups.
OK, nothing in the log at INFO level, initialization succeed, so can you please
send the debug log? See here[1] how to enable.
Thank you.
[1]
https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l389
On 09/23/2015 10:48 AM, supo...@logicworks.pt wrote:
<blockquote>
Is there anything to do on the IPA side? Or is just add users?
On the oVirt Engine, Users Tab, when click on add I can see profile1
(profile1-aurhz) but the GO button is still in gray.
I think something is wrong with the autehtication on the IPA server.
Here is the engine log :
2015-09-23 09:37:57,927 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-2) Extension 'builtin-authn-internal' initialized
2015-09-23 09:37:57,927 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-2) Initializing extension 'internal'
2015-09-23 09:37:57,928 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-2) Extension 'internal' initialized
2015-09-23 09:37:57,928 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-2) Start of enabled extensions list
2015-09-23 09:37:57,928 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-2) Instance name: 'profile1-authn', Extension name:
'ovirt-engine-extension-aaa-ldap.authn', Version: '1.0.2', Notes: 'Display
name: ovirt-engine-extension-aaa-ldap-1.0.2-1.el7', License: 'ASL 2.0', Home: '
http://www.ovirt.org ', Author 'The oVirt Project', Build interface Version:
'0', File: '/etc/ovirt-engine/extensions.d/profile1-authn.properties',
Initialized: 'true'
2015-09-23 09:37:57,929 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-2) Instance name: 'profile1-authz', Extension name:
'ovirt-engine-extension-aaa-ldap.authz', Version: '1.0.2', Notes: 'Display
name: ovirt-engine-extension-aaa-ldap-1.0.2-1.el7', License: 'ASL 2.0', Home: '
http://www.ovirt.org ', Author 'The oVirt Project', Build interface Version:
'0', File: '/etc/ovirt-engine/extensions.d/profile1-authz.properties',
Initialized: 'true'
2015-09-23 09:37:57,929 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-2) Instance name: 'builtin-authn-internal', Extension name: 'Internal Authn
(Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: '
http://www.ovirt.org ', Author 'The oVirt Project', Build interface Version:
'0', File: 'N/A', Initialized: 'true'
2015-09-23 09:37:57,930 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-2) Instance name: 'internal', Extension name: 'Internal Authz (Built-in)',
Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: ' http://www.ovirt.org ',
Author 'The oVirt Project', Build interface Version: '0', File: 'N/A',
Initialized: 'true'
2015-09-23 09:37:57,930 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
1-2) End of enabled extensions list
2015-09-23 09:37:58,103 INFO [org.ovirt.engine.core.bll.tasks.AsyncTaskManager]
(MSC service thread 1-1) Initialization of AsyncTaskManager completed
successfully.
2015-09-23 09:37:58,105 INFO [org.ovirt.engine.core.vdsbroker.ResourceManager]
(MSC service thread 1-1) Start initializing ResourceManager
2015-09-23 09:37:58,217 INFO [org.ovirt.engine.core.vdsbroker.VdsManager] (MSC
service thread 1-1) Entered VdsManager constructor
2015-09-23 09:37:58,268 INFO [org.ovirt.engine.core.vdsbroker.VdsManager] (MSC
service thread 1-1) Initialize vdsBroker (192.168.6.201,54,321)
2015-09-23 09:37:58,402 INFO [org.ovirt.engine.core.vdsbroker.ResourceManager]
(MSC service thread 1-1) VDS 0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6 was added to
the Resource Manager
2015-09-23 09:37:58,429 INFO [org.ovirt.engine.core.vdsbroker.ResourceManager]
(MSC service thread 1-1) Finished initializing ResourceManager
2015-09-23 09:37:58,430 INFO [org.ovirt.engine.core.bll.OvfDataUpdater] (MSC
service thread 1-1) Initialization of OvfDataUpdater completed successfully.
2015-09-23 09:37:58,431 INFO
[org.ovirt.engine.core.bll.scheduling.SchedulingManager] (MSC service thread
1-1) Start scheduling to enable vds load balancer
2015-09-23 09:37:58,432 INFO
[org.ovirt.engine.core.bll.scheduling.SchedulingManager] (MSC service thread
1-1) Finished scheduling to enable vds load balancer
2015-09-23 09:37:58,432 INFO
[org.ovirt.engine.core.bll.scheduling.SchedulingManager] (MSC service thread
1-1) Start HA Reservation check
2015-09-23 09:37:58,434 INFO
[org.ovirt.engine.core.bll.scheduling.SchedulingManager] (MSC service thread
1-1) Finished HA Reservation check
2015-09-23 09:37:58,440 INFO
[org.ovirt.engine.core.bll.network.MacPoolManagerRanges]
(org.ovirt.thread.pool-8-thread-1) Start initializing MacPoolManagerRanges
2015-09-23 09:37:58,444 INFO
[org.ovirt.engine.core.bll.InitBackendServicesOnStartupBean] (MSC service
thread 1-1) Init VM custom properties utilities
2015-09-23 09:37:58,444 INFO
[org.ovirt.engine.core.bll.InitBackendServicesOnStartupBean] (MSC service
thread 1-1) Init device custom properties utilities
2015-09-23 09:37:58,453 INFO
[org.ovirt.engine.core.bll.scheduling.SchedulingManager] (MSC service thread
1-1) Initializing Scheduling manager
2015-09-23 09:37:58,485 INFO
[org.ovirt.engine.core.bll.network.MacPoolManagerRanges]
(org.ovirt.thread.pool-8-thread-1) Finished initializing. Available MACs in
pool: 251
2015-09-23 09:37:58,499 INFO
[org.ovirt.engine.core.bll.scheduling.SchedulingManager] (MSC service thread
1-1) External scheduler disabled, discovery skipped
2015-09-23 09:37:58,500 INFO
[org.ovirt.engine.core.bll.scheduling.SchedulingManager] (MSC service thread
1-1) Initialized Scheduling manager
2015-09-23 09:37:58,500 INFO [org.ovirt.engine.core.bll.dwh.DwhHeartBeat] (MSC
service thread 1-1) Initializing DWH Heart Beat
2015-09-23 09:37:58,502 INFO [org.ovirt.engine.core.bll.dwh.DwhHeartBeat] (MSC
service thread 1-1) DWH Heart Beat initialized
2015-09-23 09:38:02,159 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.GetHardwareInfoVDSCommand]
(DefaultQuartzScheduler_Worker-5) START, GetHardwareInfoVDSCommand(HostName =
node3.acloud.pt, HostId = 0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6,
vds=Host[node3.acloud.pt,0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6]), log id:
66c9effc
2015-09-23 09:38:02,167 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.GetHardwareInfoVDSCommand]
(DefaultQuartzScheduler_Worker-5) FINISH, GetHardwareInfoVDSCommand, log id:
66c9effc
2015-09-23 09:38:02,173 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: UNASSIGNED not exist in string
table
2015-09-23 09:38:02,174 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: VDS_HIGH_NETWORK_USE not exist
in string table
2015-09-23 09:38:02,174 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_FAILED_REMOVE_VM not exist
in string table
2015-09-23 09:38:02,175 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_RUN_UNLOCK_ENTITY_SCRIPT
not exist in string table
2015-09-23 09:38:02,175 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType:
VDS_NETWORK_MTU_DIFFER_FROM_LOGICAL_NETWORK not exist in string table
2015-09-23 09:38:02,176 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: STORAGE_ACTIVATE_ASYNC not
exist in string table
2015-09-23 09:38:02,176 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_ADDED_DISK_PROFILE not
exist in string table
2015-09-23 09:38:02,176 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_FAILED_TO_ADD_DISK_PROFILE
not exist in string table
2015-09-23 09:38:02,176 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_REMOVED_DISK_PROFILE not
exist in string table
2015-09-23 09:38:02,177 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType:
USER_FAILED_TO_REMOVE_DISK_PROFILE not exist in string table
2015-09-23 09:38:02,177 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_UPDATED_DISK_PROFILE not
exist in string table
2015-09-23 09:38:02,177 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType:
USER_FAILED_TO_UPDATE_DISK_PROFILE not exist in string table
2015-09-23 09:38:02,177 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_ADDED_CPU_PROFILE not
exist in string table
2015-09-23 09:38:02,178 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_FAILED_TO_ADD_CPU_PROFILE
not exist in string table
2015-09-23 09:38:02,178 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_REMOVED_CPU_PROFILE not
exist in string table
2015-09-23 09:38:02,178 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType:
USER_FAILED_TO_REMOVE_CPU_PROFILE not exist in string table
2015-09-23 09:38:02,178 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType: USER_UPDATED_CPU_PROFILE not
exist in string table
2015-09-23 09:38:02,179 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) AuditLogType:
USER_FAILED_TO_UPDATE_CPU_PROFILE not exist in string table
2015-09-23 09:38:02,479 WARN
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-5) Correlation ID: null, Call Stack: null,
Custom Event ID: -1, Message: Host node3.acloud.pt does not enforce SELinux.
2015-09-23 09:38:02,479 WARN [org.ovirt.engine.core.vdsbroker.VdsManager]
(DefaultQuartzScheduler_Worker-5) Host node3.acloud.pt is running with disabled
SELinux.
2015-09-23 09:38:02,623 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterServersListVDSCommand]
(DefaultQuartzScheduler_Worker-5) START, GlusterServersListVDSCommand(HostName
= node3.acloud.pt, HostId = 0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6), log id:
53441a68
2015-09-23 09:38:02,708 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterServersListVDSCommand]
(DefaultQuartzScheduler_Worker-5) FINISH, GlusterServersListVDSCommand, return:
[192.168.6.201:CONNECTED], log id: 53441a68
2015-09-23 09:38:03,178 INFO [org.ovirt.engine.core.vdsbroker.VdsManager]
(DefaultQuartzScheduler_Worker-5) Initializing Host: node3.acloud.pt
2015-09-23 09:38:03,326 INFO
[org.ovirt.engine.core.bll.HandleVdsVersionCommand]
(DefaultQuartzScheduler_Worker-5) [543d8ea6] Running command:
HandleVdsVersionCommand internal: true. Entities affected : ID:
0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6 Type: VDS
2015-09-23 09:38:03,562 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-8) START, GlusterVolumesListVDSCommand(HostName
= node3.acloud.pt, HostId = 0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6), log id:
cf31644
2015-09-23 09:38:03,583 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-8) FINISH, GlusterVolumesListVDSCommand, return:
{}, log id: cf31644
2015-09-23 09:38:08,514 INFO
[org.ovirt.engine.core.bll.storage.SetStoragePoolStatusCommand]
(DefaultQuartzScheduler_Worker-18) [205b10f8] Running command:
SetStoragePoolStatusCommand internal: true. Entities affected : ID:
00000002-0002-0002-0002-000000000238 Type: StoragePool
2015-09-23 09:38:08,533 INFO
[org.ovirt.engine.core.vdsbroker.storage.StoragePoolDomainHelper]
(DefaultQuartzScheduler_Worker-18) [205b10f8] Storage Pool
00000002-0002-0002-0002-000000000238 - Updating Storage Domain
7f099189-6afa-4858-9aa5-a97d6b6e4bd5 status from Active to Unknown, reason :
null
2015-09-23 09:38:08,540 INFO
[org.ovirt.engine.core.vdsbroker.storage.StoragePoolDomainHelper]
(DefaultQuartzScheduler_Worker-18) [205b10f8] Storage Pool
00000002-0002-0002-0002-000000000238 - Updating Storage Domain
5e80c937-6996-43df-9db7-a3511347d735 status from Active to Unknown, reason :
null
2015-09-23 09:38:08,714 WARN
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-18) [205b10f8] Correlation ID: 205b10f8, Call
Stack: null, Custom Event ID: -1, Message: Invalid status on Data Center
Default. Setting status to Non Responsive.
2015-09-23 09:38:08,758 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-20) START, GlusterVolumesListVDSCommand(HostName
= node3.acloud.pt, HostId = 0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6), log id:
767b5004
2015-09-23 09:38:08,788 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-20) FINISH, GlusterVolumesListVDSCommand,
return: {}, log id: 767b5004
2015-09-23 09:38:08,928 INFO
[org.ovirt.engine.core.vdsbroker.irsbroker.IrsProxyData]
(DefaultQuartzScheduler_Worker-18) [205b10f8] hostFromVds::selectedVds -
node3.acloud.pt, spmStatus SPM, storage pool Default
2015-09-23 09:38:08,949 INFO
[org.ovirt.engine.core.vdsbroker.irsbroker.IrsProxyData]
(DefaultQuartzScheduler_Worker-18) [205b10f8] Initialize Irs proxy from vds:
192.168.6.201
2015-09-23 09:38:08,999 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(DefaultQuartzScheduler_Worker-18) [205b10f8] Correlation ID: null, Call Stack:
null, Custom Event ID: -1, Message: Storage Pool Manager runs on Host
node3.acloud.pt (Address: 192.168.6.201).
2015-09-23 09:38:09,051 INFO
[org.ovirt.engine.core.vdsbroker.irsbroker.SPMGetAllTasksInfoVDSCommand]
(org.ovirt.thread.pool-8-thread-16) [205b10f8] START,
SPMGetAllTasksInfoVDSCommand( storagePoolId =
00000002-0002-0002-0002-000000000238, ignoreFailoverLimit = false), log id:
6735b7ad
2015-09-23 09:38:09,157 INFO
[org.ovirt.engine.core.vdsbroker.irsbroker.SPMGetAllTasksInfoVDSCommand]
(org.ovirt.thread.pool-8-thread-16) [205b10f8] -- executeIrsBrokerCommand:
Attempting on storage pool 00000002-0002-0002-0002-000000000238
2015-09-23 09:38:09,180 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.HSMGetAllTasksInfoVDSCommand]
(org.ovirt.thread.pool-8-thread-16) [205b10f8] START,
HSMGetAllTasksInfoVDSCommand(HostName = node3.acloud.pt, HostId =
0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6), log id: 2c5dc746
2015-09-23 09:38:09,216 INFO
[org.ovirt.engine.core.vdsbroker.vdsbroker.HSMGetAllTasksInfoVDSCommand]
(org.ovirt.thread.pool-8-thread-16) [205b10f8] FINISH,
HSMGetAllTasksInfoVDSCommand, return: [], log id: 2c5dc746
2015-09-23 09:38:09,216 INFO
[org.ovirt.engine.core.vdsbroker.irsbroker.SPMGetAllTasksInfoVDSCommand]
(org.ovirt.thread.pool-8-thread-16) [205b10f8] FINISH,
SPMGetAllTasksInfoVDSCommand, return: [], log id: 6735b7ad
2015-09-23 09:38:09,217 INFO [org.ovirt.engine.core.bll.tasks.AsyncTaskManager]
(org.ovirt.thread.pool-8-thread-16) [205b10f8] Discovered no tasks on Storage
Pool Default
2015-09-23 09:38:13,937 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-30) START, GlusterVolumesListVDSCommand(HostName
= node3.acloud.pt, HostId = 0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6), log id:
663177d4
2015-09-23 09:38:13,964 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-30) FINISH, GlusterVolumesListVDSCommand,
return: {}, log id: 663177d4
2015-09-23 09:38:19,184 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-40) START, GlusterVolumesListVDSCommand(HostName
= node3.acloud.pt, HostId = 0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6), log id:
4db78ebd
2015-09-23 09:38:19,232 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-40) FINISH, GlusterVolumesListVDSCommand,
return: {}, log id: 4db78ebd
2015-09-23 09:38:24,382 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-50) START, GlusterVolumesListVDSCommand(HostName
= node3.acloud.pt, HostId = 0ffde0bc-c610-43ee-8ded-e8d2beb7e0f6), log id:
3beec320
2015-09-23 09:38:24,410 INFO
[org.ovirt.engine.core.vdsbroker.gluster.GlusterVolumesListVDSCommand]
(DefaultQuartzScheduler_Worker-50) FINISH, GlusterVolumesListVDSCommand,
return: {}, log id: 3beec320
Thanks
----- Mensagem original -----
De: "Ondra Machacek" <omach...@redhat.com>
Para: supo...@logicworks.pt , users@ovirt.org
Enviadas: Quarta-feira, 23 De Setembro de 2015 7:40:12
Assunto: Re: [ovirt-users] FreeIPA
Just for clarification - ovirt-engine-extension-aaa-ldap-setup is available
from oVirt 3.6
Can you send engine.log, hard to say what's wrong from configuration, it looks
good.
On 09/22/2015 09:55 PM, Ravi Nori wrote:
<blockquote>
Once you have installed ovirt-engine-extension-aaa-ldap and
ovirt-engine-extension-aaa-ldap-setup
You can run ovirt-engine-extension-aaa-ldap-setup and follow the steps to set
up ldap.
Once that is done you can login to webadmin and add users/groups from ipa
On 09/22/2015 11:57 AM, supo...@logicworks.pt wrote:
<blockquote>
Here is what I'm trying to do:
Ovirt engine : engine.domain.tld
Freeipa 4.1.0 : ipa.domain.tld
I have installed on the engine:
ovirt-engine-extension-aaa-ldap
openldap-clients /etc/ovirt-engine/aaa/profile1.properties:
#
# Select one
#
#include = <openldap.properties>
#include = <389ds.properties>
#include = <rhds.properties>
include = <ipa.properties>
#include = <iplanet.properties>
#include = <rfc2307.properties>
#include = <rfc2307-openldap.properties>
#
# Server
#
vars.server = ipa.domain.tld
#
# Search user and its password.
#
vars.user = uid=search,cn=users,cn=accounts,dc=domain,dc=tld
vars.password = ipa_admin_password pool.default.serverset.single.server =
${global:vars.server}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
# Create keystore, import certificate chain and uncomment
# if using ssl/tls.
#pool.default.ssl.startTLS = true
#pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.server}.jks
#pool.default.ssl.truststore.password = changeit
On the engine cannot find any users configured on the ipa server.
Any help?
Thanks
Jose
----- Mensagem original -----
De: "Alon Bar-Lev" <alo...@redhat.com>
Para: supo...@logicworks.pt
Cc: "users" <users@ovirt.org>
Enviadas: Sexta-feira, 18 De Setembro de 2015 15:48:22
Assunto: Re: [ovirt-users] FreeIPA
----- Original Message -----
> From: supo...@logicworks.pt
> To: "users" <users@ovirt.org>
> Sent: Friday, September 18, 2015 5:45:18 PM
> Subject: [ovirt-users] FreeIPA
>
> Hi,
>
> Is there any documentation about FreeIPA integration with oVirt 3.5 and how
> to configure it?
>
Hi,
Please find documentation at [1][2].
Regards,
Alon Bar-Lev.
[1] http://www.ovirt.org/Features/AAA
[2]
https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=ovirt-engine-extension-aaa-ldap-1.0
_______________________________________________
Users mailing list Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
_______________________________________________
Users mailing list Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
</blockquote>
</blockquote>
</blockquote>
</blockquote>
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
