Looks like the permissions for admin@internal were removed by another admin user
You can try the following 1. Get the admin user external id select external_id from users where name = 'admin' and domain = 'internal-authz' 2. Add permissions for admin user select attach_user_to_role( 'admin', 'internal-authz', '*', 'b71c937c-441b-42cc-bf21-33fa2d9704ce', <=== the external id from above 'SuperUser' ) Let us know if it helps On Sat, Nov 24, 2018 at 9:22 AM Greg Sheremeta <gsher...@redhat.com> wrote: > Perhaps Ravi can assist with this. > > ---------- Forwarded message --------- > From: Shawn Southern <shawn.south...@entegrus.com> > Date: Fri, Nov 23, 2018 at 9:52 PM > Subject: [ovirt-users] The user admin@internal is not authorized to > perform login > To: users@ovirt.org <users@ovirt.org> > > > No one can log in to our oVirt instance today. LDAP users cannot > authenticate, and the internal ‘admin’ user gets “The user admin@internal > is not authorized to perform login” after being authenticated. > > > > From engine.log: > > 2018-11-23 10:17:12,454-05 INFO > [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-24) [] > User admin@internal successfully logged in with scopes: ovirt-app-admin > ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~ > ovirt-ext=revoke:revoke-all ovirt-ext=token-info:authz-search > ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate > ovirt-ext=token:password-access > > 2018-11-23 10:17:12,576-05 INFO > [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-24) > [43bd2e4f] Running command: CreateUserSessionCommand internal: false. > > 2018-11-23 10:17:12,584-05 ERROR > [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] > (default task-24) [43bd2e4f] EVENT_ID: USER_VDC_LOGIN_FAILED(114), User > admin@internal-authz connecting from '10.11.12.13' failed to log > in<UNKNOWN>. > > 2018-11-23 10:17:12,585-05 ERROR > [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-24) > [] The user admin@internal is not authorized to perform login > > > > Where do I go from here? > _______________________________________________ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > Privacy Statement: https://www.ovirt.org/site/privacy-policy/ > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/OQNDRRXT3EZGGKGMBDIRZRLJYC2546N4/ > > > -- > > GREG SHEREMETA > > SENIOR SOFTWARE ENGINEER - TEAM LEAD - RHV UX > > Red Hat NA > > <https://www.redhat.com/> > > gsher...@redhat.com IRC: gshereme > <https://red.ht/sig> >
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/J6JV4XLO3PFBSFH53QV5T2VL5SNYGBK6/