Looking at logs you may see:
2018-10-31 16:48:09,331-05 FINE Performing SearchRequest
'SearchRequest(baseDN='dc=cyber-range,dc=lan', scope=SUB, deref=NEVER,
sizeLimit=0, timeLimit=0,
filter='&(objectClass=organizationalPerson)(uid=*)(uid=admin)',
attrs={nsuniqueid, uid, cn, displayName, department, givenName, sn,
title, mail})' request on server 'ldap.cyber-range.lan'
2018-10-31 16:48:09,333-05 FINE SearchResult:
SearchResult(resultCode=0 (success), messageID=3, entriesReturned=0,
referencesReturned=0)
So the AAA is trying to search user uid=admin in namespace
dc=cyber-range,dc=lan. But the 389ds return nothing. Can you try to run
that on command line[1], or can you double check that such user exists?
Seems like admin which you use in vars.user, from namespace
o=NetscapeRoot, can't search in namespace dc=cyber-range,dc=lan.
Try to use as vars.use user from namespace dc=cyber-range,dc=lan.
[1] ldapsearch -x -H ldap://ldap.cyber-range.lan -b
'dc=cyber-range,dc=lan' -D
'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot' -W
uid=admin
On 11/2/18 2:01 PM, Jeremy Tourville wrote:
I have been trying to find the setting to confirm that.
On Nov 2, 2018 7:43 AM, Donny Davis <do...@fortnebula.com> wrote:
Is binding allowed in your 389ds instance?
On Fri, Nov 2, 2018, 8:11 AM Jeremy Tourville
<jeremy_tourvi...@hotmail.com<mailto:jeremy_tourvi...@hotmail.com> wrote:
The backend is 389 DS, no this is not Govt related. This will be used as a
training platform for my local ISSA chapter. This is a new 389 DS server. I
followed the instructions at
https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
The server is "stock" with the exceptions of the settings for startTLS and
adding certificates, etc (basically, whatever is needed to integrate with the Ovirt
Engine.)
I am using my Admin account to perform the bind. What I don't understand is
why everything else in the aaa setup script works except the login sequence.
It would seem like my certificates are correct, correct use of the admin DN,
etc. The funny part is I can login to the server using the admin account and
password yet the same admin account and password fail when using the aaa setup
script. But, that is why I am using the expert knowledge on the list! Maybe I
have overlooked a simple prerequisite setting needed for setup somewhere?
I'll wait for someone to chime in on possible reasons to get this message:
SEVERE Authn.Result code is: CREDENTIALS_INVALID
[ ERROR ] Login sequence failed
______________________________________________
Users mailing list -- users@ovirt.org<mailto:users@ovirt.org>
To unsubscribe send an email to
users-le...@ovirt.org<mailto:users-le...@ovirt.org>
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/TGT7ASCWSUTU6TDT2HIBLBCRL2CEF3G6/
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/JN4AMQUNTFGL2NDUWNDG2AZTF7YIQPN6/
_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/users@ovirt.org/message/OMANIY4OZWNQBSSEXHCJTHI4VW4IPUGY/
