Re: [ovirt-users] Gluster command[] failed on server ovhost1
Hi, Daniel Trouble was resolved by yum undo and retring yum update again. Perhaps my trouble was different from engine update issue, yum update installs only gluster modules not engine modules. thanks a lot, Fumihide (2014/11/20 18:43), Daniel Helgenberger wrote: On 19.11.2014 15:58, Fumihide Tani wrote: Please help! I'm hosting an oVirt3.5 Engine server (CentOS6.5) and oVirt3.5 Host servers (CentOS 7.0). Today, I have stopped all oVirt services (ovirt-engine and vdsmd) and updated oVirt3.5 Engine server and ovirt3.5 Host server by "yum update". Just a guess since you do not mention this step; after an engine update it is *required* to run 'engine-setup'. See [1] for more info about upgrading oVirt engine. [1] http://www.ovirt.org/OVirt_3.5_Release_Notes#Fedora_.2F_CentOS_.2F_RHEL While update, some new Gluster components were installed. After update, I tried to reboot ovirt3.5 Engine and Node servers, but oVirt is not working. Portal's Events shows that: - Status of host ovhost1 was set to NonOperational. - Gluster command[] failed on server ovhost1. My oVirt servers and VMs are not operational now. How to resolve? Many thanks, Fumihide Tani ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Gluster command[] failed on server ovhost1
Hello Kanagaraj, Resolved! I have done yum's undo and retried yum update again. engine.log's gluster errors are disappeared and now oVirt is working well. Thank you so much. Fumihide (2014/11/20 13:44), Kanagaraj wrote: On 11/19/2014 08:28 PM, Fumihide Tani wrote: Please help! I'm hosting an oVirt3.5 Engine server (CentOS6.5) and oVirt3.5 Host servers (CentOS 7.0). Today, I have stopped all oVirt services (ovirt-engine and vdsmd) and updated oVirt3.5 Engine server and ovirt3.5 Host server by "yum update". While update, some new Gluster components were installed. After update, I tried to reboot ovirt3.5 Engine and Node servers, but oVirt is not working. Portal's Events shows that: - Status of host ovhost1 was set to NonOperational. - Gluster command[] failed on server ovhost1. Do you see any errors in /var/log/ovirt-engine/engine.log? Also check if glusterd and vdsmd services are running on the servers. My oVirt servers and VMs are not operational now. How to resolve? Many thanks, Fumihide Tani ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Gluster command[] failed on server ovhost1
Please help! I'm hosting an oVirt3.5 Engine server (CentOS6.5) and oVirt3.5 Host servers (CentOS 7.0). Today, I have stopped all oVirt services (ovirt-engine and vdsmd) and updated oVirt3.5 Engine server and ovirt3.5 Host server by "yum update". While update, some new Gluster components were installed. After update, I tried to reboot ovirt3.5 Engine and Node servers, but oVirt is not working. Portal's Events shows that: - Status of host ovhost1 was set to NonOperational. - Gluster command[] failed on server ovhost1. My oVirt servers and VMs are not operational now. How to resolve? Many thanks, Fumihide Tani ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Best way for using Ubuntu 14 as a guest OS of oVirt 3.5.
Hi, Bob Yes, but these bugs are not fixed yet. https://bugs.launchpad.net/ubuntu/+source/xserver-xorg-video-qxl/+bug/1261916 Regards, Fumihide Tani (2014/10/20 7:56), Bob Doolittle wrote: Are there bugs filed? I will want too wait for them to be resolved before upgrading to 3.5. Thanks, Bob On Oct 19, 2014 12:19 PM, "Fumihide Tani" mailto:rxc05...@nifty.com>> wrote: Hi, everyone, I have found a big solution for using Ubuntu 14 as a guest of oVirt 3.5! Ubuntu 14 is troublesome on KVM and SPICE environment now. Known issues are: - missing letters from Ubuntu desktop title and menu - frequently VM goes too much cpu usage and no operationable If you want to solve these, simply do next: # sudo apt-get remove xserver-xorg-video-qxl then you will get everything goes fine! Good luck, Fumihide Tani ___ Users mailing list Users@ovirt.org <mailto:Users@ovirt.org> http://lists.ovirt.org/mailman/listinfo/users ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Best way for using Ubuntu 14 as a guest OS of oVirt 3.5.
Hi, everyone, I have found a big solution for using Ubuntu 14 as a guest of oVirt 3.5! Ubuntu 14 is troublesome on KVM and SPICE environment now. Known issues are: - missing letters from Ubuntu desktop title and menu - frequently VM goes too much cpu usage and no operationable If you want to solve these, simply do next: # sudo apt-get remove xserver-xorg-video-qxl then you will get everything goes fine! Good luck, Fumihide Tani ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] No package ovirt-engine-extension-aaa-ldap available.
Hello Alon, I have re-activated oVirt 3.5-pre repo and re-installed ovirt-engine-extension-aaa-ldap again. No problem. everything is functional and working well now. Thanks, Fumihide Tani (2014/10/19 17:15), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: users@ovirt.org Sent: Sunday, October 19, 2014 11:09:35 AM Subject: [ovirt-users] No package ovirt-engine-extension-aaa-ldap available. Hi everyone, After oVirt 3.5 GA fresh installation, then I tried to install the ovirt-engine-extension-aaa-ldap. Yes, I did not release the extension yet. One more issue to solve. For the mean time you can test the pre-release and report any issues so I can address these also before release. Once released it will be available in the 3.5 repo. Thanks,. Alon. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] No package ovirt-engine-extension-aaa-ldap available.
Hi everyone, After oVirt 3.5 GA fresh installation, then I tried to install the ovirt-engine-extension-aaa-ldap. [root@ovirt ~]# yum install ovirt-engine-extension-aaa-ldap Loaded plugins: fastestmirror, security, versionlock Loading mirror speeds from cached hostfile epel/metalink| 6.1 kB 00:00 ovirt-3.5-epel/metalink | 6.1 kB 00:00 * base: www.ftp.ne.jp * epel: ftp.kddilabs.jp * extras: www.ftp.ne.jp * ovirt-3.5: resources.ovirt.org * ovirt-3.5-epel: ftp.kddilabs.jp * ovirt-3.5-jpackage-6.0-generic: sunsite.informatik.rwth-aachen.de * updates: www.ftp.ne.jp base | 3.7 kB 00:00 epel | 4.4 kB 00:00 http://ftp.kddilabs.jp/Linux/packages/fedora/epel/6/x86_64/repodata/repomd.xml: [Errno -1] repomd.xml does not match metalink for epel Trying other mirror. epel | 4.4 kB 00:00 extras | 3.3 kB 00:00 ovirt-3.5| 2.9 kB 00:00 ovirt-3.5-epel | 4.4 kB 00:00 http://ftp.kddilabs.jp/Linux/packages/fedora/epel/6/x86_64/repodata/repomd.xml: [Errno -1] repomd.xml does not match metalink for ovirt-3.5-epel Trying other mirror. ovirt-3.5-epel | 4.4 kB 00:00 ovirt-3.5-glusterfs-epel | 2.9 kB 00:00 ovirt-3.5-glusterfs-noarch-epel | 2.9 kB 00:00 ovirt-3.5-jpackage-6.0-generic | 951 B 00:00 ovirt-3.5-patternfly1-noarch-epel| 3.0 kB 00:00 updates | 3.4 kB 00:00 Setting up Install Process No package ovirt-engine-extension-aaa-ldap available. Error: Nothing to do [root@ovirt ~]# ovirt-3.5 repo does not support ovirt-engine-extension-aaa-ldap? Thanks, Fumihide Tani ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] SPICE HTML5 Browser Clinet does not work
Hi everyone, Today I have updated oVirt 3.5 to GA from RC5. And I have tried SPICE HTML5 Browser Clinet, but console screen is 'blank'. Before updating to GA, My oVirt 3.5 could display console screen correctly. Browser is the Firefox 31 running on Windows 7. Toggle messages output shows: Connected to wss://ovirt.rxc05271.com:6100/eyJ2YWxpZFRvIjoiMjAxNDEwMTgwNDIwMjMiLCJkYXRhIjoiJTdCJTIyaG9zdCUyMjolMjIxOTIuMTY4LjAuNyUyMiwlMjJwb3J0JTIyOiUyMjU5MDElMjIsJTIyc3NsX3RhcmdldCUyMjp0cnVlJTdEIiwidmFsaWRGcm9tIjoiMjAxNDEwMTgwNDE4MjMiLCJzaWduZWRGaWVsZHMiOiJ2YWxpZFRvLGRhdGEsdmFsaWRGcm9tLHNhbHQiLCJzaWduYXR1cmUiOiJyK0dpYlpia3dHRDQwNGNNT1ZsRDY2a0NlZWlYeEpEN0RuK2xhYW90QTZwR242NFVaenp0MTBidHVLN2gwdHlsYkZnNndicFp0cFBqRWVLekhGQU91cnJ3aEZzVUt1YzNoYWRrUks4akhpZUw3YnlqNVZ0S3M3N1V4WFBPNzZEWXBhSVVsRHZXcVZGWjU3SVRPc1B5dXFjY2FrS2pKTEJESC96T0xzc2UrYWRWVjBtdVRrNlpRcUp0TU80TUZrekcrS1dMeUlzWGhwd1ZWNFliUi82Qkg1OHVpNzBiQTdJRGV0d1JwcDU3R0tnZ0JwWTJOWlRjcnl0b2UzUWhlOUtNNWpsY1JPTFRkdW5VclVMc00vSGdYODF0Ujh5NEhFZGFlRkYrYkVTNFZLTGE3N0ZUMXlUTjlLeTNsaU9hVVlCUks4eXdVNkNsV3UvSVVucnFVNDg5Z1E9PSIsInNhbHQiOiJKV2Q3M1JvdmZyQT0ifQ== Channel type 9 unknown. Channel type 9 unknown. Channel type 9 unknown. Channel type 9 unknown. Channel type 6 unknown. Channel type 0 unknown. Channel type 220 unknown. Channel type 130 unknown. Channel type 214 unknown. Channel type 183 unknown. Channel type 0 unknown. Channel type 12 unknown. Channel type undefined unknown. (snip) Channel type undefined unknown. Channel type undefined unknown. 9: No message handlers for this channel; message 101 >> WebSockets.onerror[object Event] [object Event] (snip) Error: Unexpected close while ready >> WebSockets.onerror[object Event] [object Event] (snip) Error: Connection timed out. How can I resolve this problem? Please help. Thanks, Fumihide Tani ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Can not configure with simple LDAP.
(2014/10/07 0:50), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, October 6, 2014 6:47:15 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Alon, Sorry, I forgetted to start my DNS server. After that everything goes well. I can add LDAP account and login to the Web Portal by LDAP account successfully! great, now try this sequence: 1. define a group X in ldap. 2. define a group Y in ldap which is member of group X. 3. define user U that is member of group Y. 4. add group X into ovirt-engine as superuser. 5. try to login with user U. it should work unless we have an issue. I have done sequence 1 to 4. I can successflly login to the User Portal using ldap's user U. But my VMs which I have added permission to the group X as superuser are not displayed on the screen. Why not? something wrong? (2014/10/07 0:33), Alon Bar-Lev wrote: 2014-10-07 00:27:59,829 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (MSC service thread 1-14) Exception during sequence: LDAPException(resultCode=91 (connect error), errorMessage='An error occurred while attempting to connect to server ldap.rxc05271.com:389: java.io.IOException: An error occurred while attempting to establish a connection to server ldap.rxc05271.com/111.64.166.75:389: java.net.ConnectException: Connection refused') ----- Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, October 6, 2014 6:31:17 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. engine.log attached. Regards (2014/10/06 23:57), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, October 6, 2014 3:40:05 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Alon, Thanks, the ovirt-engine-extension-aaa-ldap was updated successfully. and then I restarted my ovirt-engine. I tried the following: 1) Login to the User Portal using LDAP account "tani". Failed. (it was able to login before doing update.) 2) Then deleting the LDAP account "tani" from admin portal. 3) Tried to add new account "tani" again. I selected "rxc05271.com (authz-company)" instead of "internal (internal)" but "Go" bottun is hidden. What should I do next? it probably means that the engine cannot interact with the ldap. can you see any error message during engine startup that related? can you stop engine remove engine.log start engine and send me the engine.log? Regards, Fumihide Tani (2014/10/06 20:39), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, October 6, 2014 2:36:38 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon I can not update the ovirt-engine-extension-aaa-ldap.noarch 0.0.0-0.0.master.20140923213100.git10a282b.el6. to the one you specified. Is it still not exist in ovirt-3.5-pre repo? right, they are at snapshots. you can take the extension rpm and only update it. yum localupdate http://resources.ovirt.org/pub/ovirt-3.5-snapshot/rpm/el6/noarch/ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d.el6.noarch.rpm Regards, Fumihide Tani (2014/10/06 17:07), Alon Bar-Lev wrote: Hello Fumihide, I pushed a significant change into ldap package, in some cases it will provide better response times. The change is within group resolution. I wounder if you can test it, should be at least ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d. Regards, Alon Bar-Lev. - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Thursday, September 25, 2014 4:41:09 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Without waiting until the weekend, I have finished the flesh install of the oVirt 3.5 RC3 today. As a result, with same AAA settings, My OpenLDAP's users became possible to login to the Web User Portal now. Yes, RC3 is good for integrating with newest OpenLDAP 2.4.23, RC2 is not. Very much thanks, Fumihide Tani (2014/09/25 7:27), Alon Bar-Lev wrote: This is severe, the upgrade is not working properly you have issues with accessing database. If database is not important I suggest a fresh install, run engine-cleanup then engine-setup. If database is important please forward this to devel mailing list for someone to help, regardless of LDAP. Regards, Alon 4-09-25 00:36:08,389 ERROR [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo] (DefaultQuartzScheduler_Worker-7) ArrayIndexOutOfBoundsException: 1: java.lang.ArrayIndexOutOfBoundsException: 1 at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.getDistanceMap(VdsNumaNodeD
Re: [ovirt-users] Can not configure with simple LDAP.
Alon, Sorry, I forgetted to start my DNS server. After that everything goes well. I can add LDAP account and login to the Web Portal by LDAP account successfully! (2014/10/07 0:33), Alon Bar-Lev wrote: 2014-10-07 00:27:59,829 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (MSC service thread 1-14) Exception during sequence: LDAPException(resultCode=91 (connect error), errorMessage='An error occurred while attempting to connect to server ldap.rxc05271.com:389: java.io.IOException: An error occurred while attempting to establish a connection to server ldap.rxc05271.com/111.64.166.75:389: java.net.ConnectException: Connection refused') - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, October 6, 2014 6:31:17 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. engine.log attached. Regards (2014/10/06 23:57), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, October 6, 2014 3:40:05 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Alon, Thanks, the ovirt-engine-extension-aaa-ldap was updated successfully. and then I restarted my ovirt-engine. I tried the following: 1) Login to the User Portal using LDAP account "tani". Failed. (it was able to login before doing update.) 2) Then deleting the LDAP account "tani" from admin portal. 3) Tried to add new account "tani" again. I selected "rxc05271.com (authz-company)" instead of "internal (internal)" but "Go" bottun is hidden. What should I do next? it probably means that the engine cannot interact with the ldap. can you see any error message during engine startup that related? can you stop engine remove engine.log start engine and send me the engine.log? Regards, Fumihide Tani (2014/10/06 20:39), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, October 6, 2014 2:36:38 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon I can not update the ovirt-engine-extension-aaa-ldap.noarch 0.0.0-0.0.master.20140923213100.git10a282b.el6. to the one you specified. Is it still not exist in ovirt-3.5-pre repo? right, they are at snapshots. you can take the extension rpm and only update it. yum localupdate http://resources.ovirt.org/pub/ovirt-3.5-snapshot/rpm/el6/noarch/ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d.el6.noarch.rpm Regards, Fumihide Tani (2014/10/06 17:07), Alon Bar-Lev wrote: Hello Fumihide, I pushed a significant change into ldap package, in some cases it will provide better response times. The change is within group resolution. I wounder if you can test it, should be at least ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d. Regards, Alon Bar-Lev. - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Thursday, September 25, 2014 4:41:09 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Without waiting until the weekend, I have finished the flesh install of the oVirt 3.5 RC3 today. As a result, with same AAA settings, My OpenLDAP's users became possible to login to the Web User Portal now. Yes, RC3 is good for integrating with newest OpenLDAP 2.4.23, RC2 is not. Very much thanks, Fumihide Tani (2014/09/25 7:27), Alon Bar-Lev wrote: This is severe, the upgrade is not working properly you have issues with accessing database. If database is not important I suggest a fresh install, run engine-cleanup then engine-setup. If database is important please forward this to devel mailing list for someone to help, regardless of LDAP. Regards, Alon 4-09-25 00:36:08,389 ERROR [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo] (DefaultQuartzScheduler_Worker-7) ArrayIndexOutOfBoundsException: 1: java.lang.ArrayIndexOutOfBoundsException: 1 at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.getDistanceMap(VdsNumaNodeDAODbFacadeImpl.java:208) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.access$000(VdsNumaNodeDAODbFacadeImpl.java:20) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:184) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:168) [dal.jar:] - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 6:40:58 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Result of running engine-setup: [root@ovirt ~]# yum list installed|grep ovirt-engine ovirt-engine.noar
Re: [ovirt-users] Can not configure with simple LDAP.
Alon, Thanks, the ovirt-engine-extension-aaa-ldap was updated successfully. and then I restarted my ovirt-engine. I tried the following: 1) Login to the User Portal using LDAP account "tani". Failed. (it was able to login before doing update.) 2) Then deleting the LDAP account "tani" from admin portal. 3) Tried to add new account "tani" again. I selected "rxc05271.com (authz-company)" instead of "internal (internal)" but "Go" bottun is hidden. What should I do next? Regards, Fumihide Tani (2014/10/06 20:39), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, October 6, 2014 2:36:38 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon I can not update the ovirt-engine-extension-aaa-ldap.noarch 0.0.0-0.0.master.20140923213100.git10a282b.el6. to the one you specified. Is it still not exist in ovirt-3.5-pre repo? right, they are at snapshots. you can take the extension rpm and only update it. yum localupdate http://resources.ovirt.org/pub/ovirt-3.5-snapshot/rpm/el6/noarch/ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d.el6.noarch.rpm Regards, Fumihide Tani (2014/10/06 17:07), Alon Bar-Lev wrote: Hello Fumihide, I pushed a significant change into ldap package, in some cases it will provide better response times. The change is within group resolution. I wounder if you can test it, should be at least ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d. Regards, Alon Bar-Lev. - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Thursday, September 25, 2014 4:41:09 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Without waiting until the weekend, I have finished the flesh install of the oVirt 3.5 RC3 today. As a result, with same AAA settings, My OpenLDAP's users became possible to login to the Web User Portal now. Yes, RC3 is good for integrating with newest OpenLDAP 2.4.23, RC2 is not. Very much thanks, Fumihide Tani (2014/09/25 7:27), Alon Bar-Lev wrote: This is severe, the upgrade is not working properly you have issues with accessing database. If database is not important I suggest a fresh install, run engine-cleanup then engine-setup. If database is important please forward this to devel mailing list for someone to help, regardless of LDAP. Regards, Alon 4-09-25 00:36:08,389 ERROR [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo] (DefaultQuartzScheduler_Worker-7) ArrayIndexOutOfBoundsException: 1: java.lang.ArrayIndexOutOfBoundsException: 1 at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.getDistanceMap(VdsNumaNodeDAODbFacadeImpl.java:208) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.access$000(VdsNumaNodeDAODbFacadeImpl.java:20) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:184) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:168) [dal.jar:] - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 6:40:58 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Result of running engine-setup: [root@ovirt ~]# yum list installed|grep ovirt-engine ovirt-engine.noarch 3.5.0-0.0.master.20140923231936.git42065cc.el6 Yes, engine is updated to newest one.! But I still continued failing to login. engine.log attached. Very thanks, (2014/09/24 23:59), Alon Bar-Lev wrote: you probably need to run engine-setup - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 4:59:22 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Oops! # yum list installed | grep ovirt-engine ovirt-engine.noarch 3.5.0-0.0.master.20140821064931.gitb794d66.el6 (snip) . Many ovirt-3.5-* modules are updated by yum today but engine is not. Why not updated to RC3?? (2014/09/24 22:42), Alon Bar-Lev wrote: Unless I am missing something, you run old engine: 2014-09-24 22:16:24,136 INFO [org.ovirt.engine.core.bll.Backend] (MSC service thread 1-12) Running ovirt-engine 3.5.0-0.0.master.20140821064931.gitb794d66.el6 - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 4:21:09 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Attached engine.log with "FINEST" Thanks, (2014/09/24 21:32), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Wednesday, September 24, 2014 3:24:23
Re: [ovirt-users] Can not configure with simple LDAP.
Hi, Alon I can not update the ovirt-engine-extension-aaa-ldap.noarch 0.0.0-0.0.master.20140923213100.git10a282b.el6. to the one you specified. Is it still not exist in ovirt-3.5-pre repo? Regards, Fumihide Tani (2014/10/06 17:07), Alon Bar-Lev wrote: Hello Fumihide, I pushed a significant change into ldap package, in some cases it will provide better response times. The change is within group resolution. I wounder if you can test it, should be at least ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141005113632.git842505d. Regards, Alon Bar-Lev. - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Thursday, September 25, 2014 4:41:09 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Without waiting until the weekend, I have finished the flesh install of the oVirt 3.5 RC3 today. As a result, with same AAA settings, My OpenLDAP's users became possible to login to the Web User Portal now. Yes, RC3 is good for integrating with newest OpenLDAP 2.4.23, RC2 is not. Very much thanks, Fumihide Tani (2014/09/25 7:27), Alon Bar-Lev wrote: This is severe, the upgrade is not working properly you have issues with accessing database. If database is not important I suggest a fresh install, run engine-cleanup then engine-setup. If database is important please forward this to devel mailing list for someone to help, regardless of LDAP. Regards, Alon 4-09-25 00:36:08,389 ERROR [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo] (DefaultQuartzScheduler_Worker-7) ArrayIndexOutOfBoundsException: 1: java.lang.ArrayIndexOutOfBoundsException: 1 at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.getDistanceMap(VdsNumaNodeDAODbFacadeImpl.java:208) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.access$000(VdsNumaNodeDAODbFacadeImpl.java:20) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:184) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:168) [dal.jar:] - Original Message ----- From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 6:40:58 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Result of running engine-setup: [root@ovirt ~]# yum list installed|grep ovirt-engine ovirt-engine.noarch 3.5.0-0.0.master.20140923231936.git42065cc.el6 Yes, engine is updated to newest one.! But I still continued failing to login. engine.log attached. Very thanks, (2014/09/24 23:59), Alon Bar-Lev wrote: you probably need to run engine-setup - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 4:59:22 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Oops! # yum list installed | grep ovirt-engine ovirt-engine.noarch 3.5.0-0.0.master.20140821064931.gitb794d66.el6 (snip) . Many ovirt-3.5-* modules are updated by yum today but engine is not. Why not updated to RC3?? (2014/09/24 22:42), Alon Bar-Lev wrote: Unless I am missing something, you run old engine: 2014-09-24 22:16:24,136 INFO [org.ovirt.engine.core.bll.Backend] (MSC service thread 1-12) Running ovirt-engine 3.5.0-0.0.master.20140821064931.gitb794d66.el6 - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 4:21:09 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Attached engine.log with "FINEST" Thanks, (2014/09/24 21:32), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Wednesday, September 24, 2014 3:24:23 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, I have updated the oVirt 3.5 RC2 to the newest RC3 today. From my CentOS6.5 based oVirt Engine server and the oVirt Host server, # yum clean all # yum update Then rebooted these servers. But my LDAP problem is continued and same result as before. When I login to the oVirt User Portal, User Name: tani Password: (OpenLDAP's userPassword) Domain: rxc05271.com UI displays "General command validation failure." Please advice. Hopefully I can if you provide log... :) Thanks, Fumihide Tani (2014/09/22 22:20), Alon Bar-Lev wrote: The version of engine you are using is probably out of date and unsynced with latest ldap package (20140821064931). Please make sure you take latest from[1] Thanks! [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/ - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 3:42:52 PM Subject: Re: [ovirt-users] Can not configure with sim
Re: [ovirt-users] Can not configure with simple LDAP.
Hi, Alon, Without waiting until the weekend, I have finished the flesh install of the oVirt 3.5 RC3 today. As a result, with same AAA settings, My OpenLDAP's users became possible to login to the Web User Portal now. Yes, RC3 is good for integrating with newest OpenLDAP 2.4.23, RC2 is not. Very much thanks, Fumihide Tani (2014/09/25 7:27), Alon Bar-Lev wrote: This is severe, the upgrade is not working properly you have issues with accessing database. If database is not important I suggest a fresh install, run engine-cleanup then engine-setup. If database is important please forward this to devel mailing list for someone to help, regardless of LDAP. Regards, Alon 4-09-25 00:36:08,389 ERROR [org.ovirt.engine.core.vdsbroker.VdsUpdateRunTimeInfo] (DefaultQuartzScheduler_Worker-7) ArrayIndexOutOfBoundsException: 1: java.lang.ArrayIndexOutOfBoundsException: 1 at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.getDistanceMap(VdsNumaNodeDAODbFacadeImpl.java:208) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl.access$000(VdsNumaNodeDAODbFacadeImpl.java:20) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:184) [dal.jar:] at org.ovirt.engine.core.dao.VdsNumaNodeDAODbFacadeImpl$1.mapRow(VdsNumaNodeDAODbFacadeImpl.java:168) [dal.jar:] - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 6:40:58 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Result of running engine-setup: [root@ovirt ~]# yum list installed|grep ovirt-engine ovirt-engine.noarch 3.5.0-0.0.master.20140923231936.git42065cc.el6 Yes, engine is updated to newest one.! But I still continued failing to login. engine.log attached. Very thanks, (2014/09/24 23:59), Alon Bar-Lev wrote: you probably need to run engine-setup - Original Message ----- From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 4:59:22 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Oops! # yum list installed | grep ovirt-engine ovirt-engine.noarch 3.5.0-0.0.master.20140821064931.gitb794d66.el6 (snip) . Many ovirt-3.5-* modules are updated by yum today but engine is not. Why not updated to RC3?? (2014/09/24 22:42), Alon Bar-Lev wrote: Unless I am missing something, you run old engine: 2014-09-24 22:16:24,136 INFO [org.ovirt.engine.core.bll.Backend] (MSC service thread 1-12) Running ovirt-engine 3.5.0-0.0.master.20140821064931.gitb794d66.el6 - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Sent: Wednesday, September 24, 2014 4:21:09 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Attached engine.log with "FINEST" Thanks, (2014/09/24 21:32), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Wednesday, September 24, 2014 3:24:23 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, I have updated the oVirt 3.5 RC2 to the newest RC3 today. From my CentOS6.5 based oVirt Engine server and the oVirt Host server, # yum clean all # yum update Then rebooted these servers. But my LDAP problem is continued and same result as before. When I login to the oVirt User Portal, User Name: tani Password: (OpenLDAP's userPassword) Domain: rxc05271.com UI displays "General command validation failure." Please advice. Hopefully I can if you provide log... :) Thanks, Fumihide Tani (2014/09/22 22:20), Alon Bar-Lev wrote: The version of engine you are using is probably out of date and unsynced with latest ldap package (20140821064931). Please make sure you take latest from[1] Thanks! [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/ - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 3:42:52 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Your requested engine.log attached. Also, I tried to login to web user portal by "tani" User Name: tani Password:(OpenLDAP userPassword) Domain: rxc05271.com cause: "General command validation failure." Attated log includes login by "Fumihide" first, "tani" second. Very thanks, (2014/09/22 21:24), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 3:06:39 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Sorry, I misunderstood. This is outputs after LDAP user logged in. Please attach log as files, not inline, easier to handle. 2014-09-22 21:01:32,638 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-870
Re: [ovirt-users] Can not configure with simple LDAP.
Hi, Alon, I have updated the oVirt 3.5 RC2 to the newest RC3 today. From my CentOS6.5 based oVirt Engine server and the oVirt Host server, # yum clean all # yum update Then rebooted these servers. But my LDAP problem is continued and same result as before. When I login to the oVirt User Portal, User Name: tani Password: (OpenLDAP's userPassword) Domain: rxc05271.com UI displays "General command validation failure." Please advice. Thanks, Fumihide Tani (2014/09/22 22:20), Alon Bar-Lev wrote: The version of engine you are using is probably out of date and unsynced with latest ldap package (20140821064931). Please make sure you take latest from[1] Thanks! [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/ - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 3:42:52 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Your requested engine.log attached. Also, I tried to login to web user portal by "tani" User Name: tani Password:(OpenLDAP userPassword) Domain: rxc05271.com cause: "General command validation failure." Attated log includes login by "Fumihide" first, "tani" second. Very thanks, (2014/09/22 21:24), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 3:06:39 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Sorry, I misunderstood. This is outputs after LDAP user logged in. Please attach log as files, not inline, easier to handle. 2014-09-22 21:01:32,638 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchRequest: SearchRequest(baseDN='dc=rxc05271,dc=com', scope=SUB, deref=NEVER, sizeLimit=0, timeLimit=0, filter='&(objectClass=uidObject)(uid=*)(uid=Fumihide)', attrs={entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail}, controls={SimplePagedResultsControl(pageSize=100, isCritical=false)}) 2014-09-22 21:01:32,640 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchResult: SearchResult(resultCode=0 (success), messageID=3, entriesReturned=0, referencesReturned=0, responseControls={SimplePagedResultsControl(pageSize=0, isCritical=false)}) >From the above I see that a search was issued: &(objectClass=uidObject)(uid=*)(uid=Fumihide) And no result returned. Per previous output: --- # tani, Users, rxc05271.com dn: uid=tani,ou=Users,dc=rxc05271,dc=com objectClass: inetOrgPerson objectClass: uidObject uid: tani cn: Fumihide Tani givenName: Fumihide mail: t...@rxc05271.com sn: Tani userPassword:: a3VtaXRhbg== --- Your user name is tani and not Fumihide. Alon ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Can not configure with simple LDAP.
Hi, Alon, Thanks a lot. I'll try the newest ovirt 3.5 release. (2014/09/22 22:20), Alon Bar-Lev wrote: The version of engine you are using is probably out of date and unsynced with latest ldap package (20140821064931). Please make sure you take latest from[1] Thanks! [1] http://resources.ovirt.org/pub/ovirt-3.5-snapshot/ - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 3:42:52 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Your requested engine.log attached. Also, I tried to login to web user portal by "tani" User Name: tani Password:(OpenLDAP userPassword) Domain: rxc05271.com cause: "General command validation failure." Attated log includes login by "Fumihide" first, "tani" second. Very thanks, (2014/09/22 21:24), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 3:06:39 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Sorry, I misunderstood. This is outputs after LDAP user logged in. Please attach log as files, not inline, easier to handle. 2014-09-22 21:01:32,638 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchRequest: SearchRequest(baseDN='dc=rxc05271,dc=com', scope=SUB, deref=NEVER, sizeLimit=0, timeLimit=0, filter='&(objectClass=uidObject)(uid=*)(uid=Fumihide)', attrs={entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail}, controls={SimplePagedResultsControl(pageSize=100, isCritical=false)}) 2014-09-22 21:01:32,640 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchResult: SearchResult(resultCode=0 (success), messageID=3, entriesReturned=0, referencesReturned=0, responseControls={SimplePagedResultsControl(pageSize=0, isCritical=false)}) >From the above I see that a search was issued: &(objectClass=uidObject)(uid=*)(uid=Fumihide) And no result returned. Per previous output: --- # tani, Users, rxc05271.com dn: uid=tani,ou=Users,dc=rxc05271,dc=com objectClass: inetOrgPerson objectClass: uidObject uid: tani cn: Fumihide Tani givenName: Fumihide mail: t...@rxc05271.com sn: Tani userPassword:: a3VtaXRhbg== --- Your user name is tani and not Fumihide. Alon ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Can not configure with simple LDAP.
hide 2014-09-22 21:01:32,695 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,695 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) runSequence Return name='simple-resolve-user' 2014-09-22 21:01:32,695 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) End sequence authn resolve user 2014-09-22 21:01:32,696 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,696 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,696 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authTranslatedMessage = CREDENTIALS_INVALID 2014-09-22 21:01:32,696 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,697 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,697 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,697 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,697 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,698 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) resultCode = INVALID_CREDENTIALS 2014-09-22 21:01:32,698 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,698 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,699 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,699 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,699 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,699 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,700 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,700 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,700 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = true 2014-09-22 21:01:32,701 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,701 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,701 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) runSequence Return name='authn' 2014-09-22 21:01:32,702 DEBUG [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (ajp--127.0.0.1-8702-4) doAuthenticateCredentials Return {Extkey[name=AAA_AUTHN_RESULT;type=class java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12} 2014-09-22 21:01:32,702 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-4) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 21:01:32,713 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-4) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 21:01:32,724 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-4) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 21:01:32,724 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-4) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD (2014/09/22 20:41), Alon Bar-Lev wrote: Not sure what adds crlf to your file... please use *NIX editor, please use dos2unix to remove these, Per our previous discussion, you should modify: Into: You should see a difference. Thanks! - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 2:36:05 PM Subject: Re: [ovirt-users] Can not configu
Re: [ovirt-users] Can not configure with simple LDAP.
Hi, Alon, I modified ovirt-engine.xml.in and restarted ovirt-engine. Attached is the modified ovirt-engine.xml.in. The engine.log outputs are fllowing: (Unfortunately it became the same result.) - 2014-09-22 19:48:11,245 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-2) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 19:48:11,257 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 19:48:11,265 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 19:48:11,266 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-2) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD - As a cause of fail to OpenLDAP user login, I suspect that the my openldap password encryption method setting not meet with the ovirt. Is there any method to verify? Thanks, (2014/09/22 19:15), Alon Bar-Lev wrote: You need to add the following: + + + Look at the + lines, please add these (without the +) just before: Thanks! - Original Message ----- From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 1:10:57 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. (2014/09/22 15:00), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 4:16:17 AM Subject: Re: [ovirt-users] Can not configure with simple LDAP. (2014/09/22 0:16), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Sunday, September 21, 2014 6:00:48 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Following Alon's advice, I added authz-company.properties file to the configuration directory. Then OpenLDAP users can searched from oVirt Web admin. and I could add it's users to the portal successfully. But I have another problem. These OpenLDAP users that I added can not login to ovirt web user portal. User Name: Fumihide (This is shown on Web Admin Portal "Users" tab as "First Name") Password: (I specified it as OpenLDAP's userPassword for "Fumihide") Domain: rxc05271.com (I selected instead of "internal") ? 1. What error do you get at ui? "The user name or password is incorrect." 2. Please look at engine.log while attempting to login, if you see something helpful. 2014-09-22 09:53:27,669 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-2) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 09:53:27,685 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 09:53:27,693 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 09:53:27,693 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-2) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD 3. Please make sure that the following is a success: $ ldapsearch -h -x -W -D -b uid= [root@ovirt ~]# ldapsearch -H ldapi:/// -x -W -D "uid=tani,ou=Users,dc=rxc05271,dc=com" -b 'dc=rxc05271,dc=com' -x '(uid=tani)' Enter LDAP Password: # extended LDIF # # LDAPv3 # base with scope subtree # filter: (uid=tani) # requesting: ALL # # tani, Users, rxc05271.com dn: uid=tani,ou=Users,dc=rxc05271,dc=com objectClass: inetOrgPerson objectClass: uidObject uid: tani cn: Fumihide Tani givenName: Fumihide mail: t...@rxc05271.com sn: Tani userPassword:: a3VtaXRhbg== # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 [root@ovirt ~]# 4. If working please modify /usr/share/ovirt-enigne/services/ovirt-enigne/ovirt-enigne.xml.in --- - - + + + --- Restart engine, attempt login, send me the output. 2014-09-22 10:03:57,517 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-7) Cant login user "Fumihide&qu
Re: [ovirt-users] Can not configure with simple LDAP.
(2014/09/22 15:00), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Monday, September 22, 2014 4:16:17 AM Subject: Re: [ovirt-users] Can not configure with simple LDAP. (2014/09/22 0:16), Alon Bar-Lev wrote: - Original Message ----- From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Sunday, September 21, 2014 6:00:48 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Following Alon's advice, I added authz-company.properties file to the configuration directory. Then OpenLDAP users can searched from oVirt Web admin. and I could add it's users to the portal successfully. But I have another problem. These OpenLDAP users that I added can not login to ovirt web user portal. User Name: Fumihide (This is shown on Web Admin Portal "Users" tab as "First Name") Password: (I specified it as OpenLDAP's userPassword for "Fumihide") Domain: rxc05271.com (I selected instead of "internal") ? 1. What error do you get at ui? "The user name or password is incorrect." 2. Please look at engine.log while attempting to login, if you see something helpful. 2014-09-22 09:53:27,669 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-2) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 09:53:27,685 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 09:53:27,693 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 09:53:27,693 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-2) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD 3. Please make sure that the following is a success: $ ldapsearch -h -x -W -D -b uid= [root@ovirt ~]# ldapsearch -H ldapi:/// -x -W -D "uid=tani,ou=Users,dc=rxc05271,dc=com" -b 'dc=rxc05271,dc=com' -x '(uid=tani)' Enter LDAP Password: # extended LDIF # # LDAPv3 # base with scope subtree # filter: (uid=tani) # requesting: ALL # # tani, Users, rxc05271.com dn: uid=tani,ou=Users,dc=rxc05271,dc=com objectClass: inetOrgPerson objectClass: uidObject uid: tani cn: Fumihide Tani givenName: Fumihide mail: t...@rxc05271.com sn: Tani userPassword:: a3VtaXRhbg== # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 [root@ovirt ~]# 4. If working please modify /usr/share/ovirt-enigne/services/ovirt-enigne/ovirt-enigne.xml.in --- - - + + + --- Restart engine, attempt login, send me the output. 2014-09-22 10:03:57,517 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-7) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 10:03:57,534 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-7) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 10:03:57,545 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-7) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 10:03:57,545 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-7) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD (logger level is not changed to FINEST? outputs is same as above.) I had a mistake above... the file-handler level should be set to finest. can you confirm? or best send me the engine.xml.in file and I can see what's wrong. thanks! I set file-handler's level name to "FINEST". but outputs are same as before. I attached the ovirt-engine.xml.in Regards, Thanks, Fumihide Tani Please advice me, it's so thanksfull. Fumihide Tani (2014/09/21 17:13), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Sunday, September 21, 2014 11:11:11 AM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon Very thanks for your help. My problem was solved and the AAA is working now. I could add LDAP user. :) Great. Can you please send me a patch or modified README to make it better? Alon Fumihide
Re: [ovirt-users] Can not configure with simple LDAP.
(2014/09/22 0:16), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Sunday, September 21, 2014 6:00:48 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon, Following Alon's advice, I added authz-company.properties file to the configuration directory. Then OpenLDAP users can searched from oVirt Web admin. and I could add it's users to the portal successfully. But I have another problem. These OpenLDAP users that I added can not login to ovirt web user portal. User Name: Fumihide (This is shown on Web Admin Portal "Users" tab as "First Name") Password: (I specified it as OpenLDAP's userPassword for "Fumihide") Domain: rxc05271.com (I selected instead of "internal") ? 1. What error do you get at ui? "The user name or password is incorrect." 2. Please look at engine.log while attempting to login, if you see something helpful. 2014-09-22 09:53:27,669 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-2) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 09:53:27,685 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 09:53:27,693 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 09:53:27,693 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-2) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD 3. Please make sure that the following is a success: $ ldapsearch -h -x -W -D -b uid= [root@ovirt ~]# ldapsearch -H ldapi:/// -x -W -D "uid=tani,ou=Users,dc=rxc05271,dc=com" -b 'dc=rxc05271,dc=com' -x '(uid=tani)' Enter LDAP Password: # extended LDIF # # LDAPv3 # base with scope subtree # filter: (uid=tani) # requesting: ALL # # tani, Users, rxc05271.com dn: uid=tani,ou=Users,dc=rxc05271,dc=com objectClass: inetOrgPerson objectClass: uidObject uid: tani cn: Fumihide Tani givenName: Fumihide mail: t...@rxc05271.com sn: Tani userPassword:: a3VtaXRhbg== # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 [root@ovirt ~]# 4. If working please modify /usr/share/ovirt-enigne/services/ovirt-enigne/ovirt-enigne.xml.in --- - - + + + --- Restart engine, attempt login, send me the output. 2014-09-22 10:03:57,517 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-7) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 10:03:57,534 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-7) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 10:03:57,545 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-7) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 10:03:57,545 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-7) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD (logger level is not changed to FINEST? outputs is same as above.) Thanks, Fumihide Tani Please advice me, it's so thanksfull. Fumihide Tani (2014/09/21 17:13), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Sunday, September 21, 2014 11:11:11 AM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon Very thanks for your help. My problem was solved and the AAA is working now. I could add LDAP user. :) Great. Can you please send me a patch or modified README to make it better? Alon Fumihide Tani (2014/09/21 16:19), Alon Bar-Lev wrote: - Original Message - From: "Alon Bar-Lev" To: "Fumihide Tani" Cc: users@ovirt.org Sent: Sunday, September 21, 2014 10:19:11 AM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, You need to create authz extension as well (authz-company). The configuration you provided is establishing authentication only (authn) which refer to authz-company but you did not add it. The terms are: 1. authn - who the user is. 2. authz - what user is permitted. 3. profile
Re: [ovirt-users] Can not configure with simple LDAP.
Hi, Alon, Following Alon's advice, I added authz-company.properties file to the configuration directory. Then OpenLDAP users can searched from oVirt Web admin. and I could add it's users to the portal successfully. But I have another problem. These OpenLDAP users that I added can not login to ovirt web user portal. User Name: Fumihide (This is shown on Web Admin Portal "Users" tab as "First Name") Password: (I specified it as OpenLDAP's userPassword for "Fumihide") Domain: rxc05271.com (I selected instead of "internal") ? Please advice me, it's so thanksfull. Fumihide Tani (2014/09/21 17:13), Alon Bar-Lev wrote: - Original Message - From: "Fumihide Tani" To: "Alon Bar-Lev" Cc: users@ovirt.org Sent: Sunday, September 21, 2014 11:11:11 AM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, Alon Very thanks for your help. My problem was solved and the AAA is working now. I could add LDAP user. :) Great. Can you please send me a patch or modified README to make it better? Alon Fumihide Tani (2014/09/21 16:19), Alon Bar-Lev wrote: - Original Message - From: "Alon Bar-Lev" To: "Fumihide Tani" Cc: users@ovirt.org Sent: Sunday, September 21, 2014 10:19:11 AM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, You need to create authz extension as well (authz-company). The configuration you provided is establishing authentication only (authn) which refer to authz-company but you did not add it. The terms are: 1. authn - who the user is. 2. authz - what user is permitted. 3. profile - combination of the two. - # vi /etc/ovirt-engine/extensions.d/authz-company.properties ovirt.engine.extension.name = authz-company ovirt.engine.extension.bindings.method = jbossmodule ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthnExtension Sorry: org.ovirt.engineextensions.aaa.ldap.AuthzExtension ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz config.profile.file.1 = /etc/ovirt-engine/aaa/rxc05271.properties -- Regards, Alon ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
Re: [ovirt-users] Can not configure with simple LDAP.
Hi, Alon Very thanks for your help. My problem was solved and the AAA is working now. I could add LDAP user. :) Fumihide Tani (2014/09/21 16:19), Alon Bar-Lev wrote: - Original Message - From: "Alon Bar-Lev" To: "Fumihide Tani" Cc: users@ovirt.org Sent: Sunday, September 21, 2014 10:19:11 AM Subject: Re: [ovirt-users] Can not configure with simple LDAP. Hi, You need to create authz extension as well (authz-company). The configuration you provided is establishing authentication only (authn) which refer to authz-company but you did not add it. The terms are: 1. authn - who the user is. 2. authz - what user is permitted. 3. profile - combination of the two. - # vi /etc/ovirt-engine/extensions.d/authz-company.properties ovirt.engine.extension.name = authz-company ovirt.engine.extension.bindings.method = jbossmodule ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthnExtension Sorry: org.ovirt.engineextensions.aaa.ldap.AuthzExtension ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz config.profile.file.1 = /etc/ovirt-engine/aaa/rxc05271.properties -- Regards, Alon ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] Can not configure with simple LDAP.
ect', Build interface Version: '0', File: '/etc/ovirt-engine/extensions.d/authn-company.properties', Initialized: 'true' 2014-09-21 14:33:26,197 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-15) Instance name: 'internal', Extension name: 'Internal Authz (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: '0', File: 'N/A', Initialized: 'true' 2014-09-21 14:33:26,197 INFO [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-15) End of enabled extensions list --- I could not find out any erros in engine.log as well as ldap.log. And I can not search add ldap users from Web Admin Portal. Click "Users" tab, then click "Add". I can select "internal (internal)" only on [Add Users and Groups] in "Search" field. I do not know where the cause is. I'm missing another settings required? Thanks, Fumihide Tani ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
[ovirt-users] [oVirt3.5] Let me know how to integrate oVirt 3.5 with latest version of OpenLDAP.
Hi, everyone, I'm trying to integrate oVirt 3.5 RC2 with latest OpenLDAP 2.4. Both are running on a same server, CentOS 6.5 (Final), oVirt Engine server. But the integration does not succeed. First, I set up OpenLDAP according to the following url: http://www.ovirt.org/LDAP_Quick_Start. And many errors occurred during setup. (like: ldap_modify: Other (e.g., implementation specific) error (80) ). Next, I installed ovirt-engine-extension-aaa-ldap.noarch 0.0.0-0.0.master.20140904095149.gitc7bd415.el6 by yum. Then I set up ovirt-engine-extension-aaa-ldap according to the following url: https://www.mail-archive.com/devel@ovirt.org/msg01449.html After restarting ovirt-engine, the engine.log output: engine.log:2014-09-18 16:35:09, 691 INFO [org.ovirt.engineextensions.aaa.ldap. Framework] (MSC service thread 1-6) Creating LDAP pool 'authz' for 'authn-company'' Error is not detected here. Access to OpenLDAP server succeeded, and the user authentication succeeded too. I think that the cause of failing OpenLDAP integration is OpenLDAP side and the document http://www.ovirt.org/LDAP_Quick_Start is old and not fit to the latest version of OpenLDAP. If anyone know the latest document for the OpenLDAP integration or any help for resolving this problem, please let me know. Very thanks. ___ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users