I've ran the ovirt-engine-extension-aaa-ldap-setup command to configure LDAP authentication using Active Directory however I am unable to authenticate using valid credentials. Here is the output show while testing the login flow.
[ INFO ] Executing login sequence... Login output: 2018-06-13 11:27:17,931-04 INFO ======================================================================== 2018-06-13 11:27:17,960-04 INFO ============================ Initialization ============================ 2018-06-13 11:27:17,960-04 INFO ======================================================================== 2018-06-13 11:27:17,999-04 INFO Loading extension 'example.com-authn' 2018-06-13 11:27:18,072-04 INFO Extension 'example.com-authn' loaded 2018-06-13 11:27:18,077-04 INFO Loading extension 'example.com-authz' 2018-06-13 11:27:18,089-04 INFO Extension 'example.com-authz' loaded 2018-06-13 11:27:18,090-04 INFO Initializing extension 'example.com-authn' 2018-06-13 11:27:18,091-04 INFO [ovirt-engine-extension-aaa-ldap.authn::example.com-authn] Creating LDAP pool 'authz' 2018-06-13 11:27:19,574-04 WARNING Exception: 80090308: LdapErr: DSID-0C09042A, comment: AcceptSecurityContext error, data 52e, v3839 2018-06-13 11:27:19,576-04 INFO [ovirt-engine-extension-aaa-ldap.authn::example.com-authn] Creating LDAP pool 'authn' 2018-06-13 11:27:20,668-04 INFO [ovirt-engine-extension-aaa-ldap.authn::example.com-authn] LDAP pool 'authn' information: vendor='null' version='null' 2018-06-13 11:27:20,674-04 WARNING Ignoring records from pool: 'authz' 2018-06-13 11:27:20,676-04 WARNING Ignoring records from pool: 'authz' 2018-06-13 11:27:20,676-04 INFO Extension 'example.com-authn' initialized 2018-06-13 11:27:20,677-04 INFO Initializing extension 'example.com-authz' 2018-06-13 11:27:20,679-04 INFO [ovirt-engine-extension-aaa-ldap.authz::example.com-authz] Creating LDAP pool 'authz' 2018-06-13 11:27:21,270-04 WARNING Exception: 80090308: LdapErr: DSID-0C09042A, comment: AcceptSecurityContext error, data 52e, v3839 2018-06-13 11:27:21,273-04 INFO [ovirt-engine-extension-aaa-ldap.authz::example.com-authz] Creating LDAP pool 'gc' 2018-06-13 11:27:22,065-04 WARNING Exception: 80090308: LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 52e, v1db1 2018-06-13 11:27:22,069-04 WARNING Ignoring records from pool: 'authz' 2018-06-13 11:27:22,072-04 WARNING Ignoring records from pool: 'authz' 2018-06-13 11:27:22,085-04 WARNING Ignoring records from pool: 'authz' 2018-06-13 11:27:22,086-04 INFO [ovirt-engine-extension-aaa-ldap.authz::example.com-authz] Available Namespaces: [] 2018-06-13 11:27:22,087-04 INFO Extension 'example.com-authz' initialized 2018-06-13 11:27:22,088-04 INFO Start of enabled extensions list 2018-06-13 11:27:22,089-04 INFO Instance name: 'example.com-authz', Extension name: 'ovirt-engine-extension-aaa-ldap.authz', Version: '1.3.7', Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.3.7-1.el7.centos', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0', File: '/tmp/tmpPQluAI/extensions.d/example.com-authz.properties', Initialized: 'true' 2018-06-13 11:27:22,089-04 INFO Instance name: 'example.com-authn', Extension name: 'ovirt-engine-extension-aaa-ldap.authn', Version: '1.3.7', Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.3.7-1.el7.centos', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0', File: '/tmp/tmpPQluAI/extensions.d/example.com-authn.properties', Initialized: 'true' 2018-06-13 11:27:22,090-04 INFO End of enabled extensions list 2018-06-13 11:27:22,090-04 INFO ======================================================================== 2018-06-13 11:27:22,090-04 INFO ============================== Execution =============================== 2018-06-13 11:27:22,091-04 INFO ======================================================================== 2018-06-13 11:27:22,091-04 INFO Iteration: 0 2018-06-13 11:27:22,093-04 INFO Profile='example.com' authn='example.com-authn' authz='example.com-authz' mapping='null' 2018-06-13 11:27:22,094-04 INFO API: -->Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='example.com' user='d861703' 2018-06-13 11:27:22,251-04 INFO API: <--Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='example.com' result=CREDENTIALS_INCORRECT 2018-06-13 11:27:22,262-04 SEVERE Authn.Result code is: CREDENTIALS_INCORRECT [ ERROR ] Login sequence failed Does anybody know what LdapErr: DSID-0C09042A, comment: AcceptSecurityContext error, data 52e, v3839 means? Is this a TLS issue? I am quite certain the password I'm using is correct. _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/7KTJZ6ID3PB764CW6LP3LYH57N742RMI/
