subject:"\[ovirt\-users\] Fwd\: FreeIPA authentication broken"

Re: [ovirt-users] Fwd: FreeIPA authentication broken

2018-04-26 Thread Enrico Becchetti


  Dear All,
I'm following this thread because thinking to SAML ovirt integration. 
Can you help me ?
Does ovirt support this kind of authentication ? Could you send me more 
information or

a link to guide ?
Thanks a lot.
Best Regards
Enrico


Il 25/04/2018 18:20, Kristian Petersen ha scritto:
I restarted the service and it is working beautifully again.  Thank 
you for you time and effort in helping me.


As for what caused this mess...
My hosted engine crashed after it's storage was temporarily 
disconnected by an automatic application of an update which then 
rebooted the NAS.  After I was able to get the engine back up, but 
running my IPA logins didn't work anymore and I had no idea why that 
would be.  I hadn't changed anything in relation to any of that so it 
made little sense why it stopped working.


On Wed, Apr 25, 2018 at 1:39 AM, Ondra Machacek > wrote:


Yep, you need to restart ovirt-engine service so the changes take
effect.

Anyway, we need to figure out what removed your IPA.properties and
IPA.jks file. What did you do before it stop work?

On 04/25/2018 12:37 AM, Kristian Petersen wrote:


-- Forwarded message --
From: *Kristian Petersen*  >>
Date: Tue, Apr 24, 2018 at 12:38 PM
Subject: Re: [ovirt-users] FreeIPA authentication broken
To: Ondra Machacek  >>


That directory only contains internal.properties.  So I copied
the IPA.properties, IPA-authn.properties, and IPA.jks files
all into the 'aaa' subdirectory and set ownership and
permissions as you directed.  I reran the command you gave me
initially and it prompted me for a password for the user when
entered the process exited with status 0.  However, the web
interface still isn't letting me log in.  Do I need to restart
a service for the changes to be effective in the web UI?

On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek

>> wrote:

    Right, you are missing file
/etc/ovirt-engine/aaa/IPA.properties

    It's not subdirectory of /etc/ovirt-engine/extensions.d,
but it's in
    /etc/ovirt-engine/ in 'aaa' subdirectory, can you check
what's there?
    Please check also the correct permissions of that file, it
should be
    '600' and owned by ovirt user.


    On 04/23/2018 10:25 PM, Kristian Petersen wrote:

        Looks like it can't find the IPA.properties file.  I tried
        following the path it is complaining about but there
are only
        files in /etc/ovirt-engine/extensions.d on the engine
VM.  No
        subdirectories.  However, that directory appears to
contain the
        files it is looking for.  Both IPA-authn.properties and
        IPA.properties are there as are the internal
properties files.         Is there a config file we can edit
to tell it to look in the
        right place?




-- 
Kristian Petersen

System Administrator
BYU Dept. of Chemistry and Biochemistry



-- 
Kristian Petersen

System Administrator
BYU Dept. of Chemistry and Biochemistry


___
Users mailing list
Users@ovirt.org 
http://lists.ovirt.org/mailman/listinfo/users





--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users



--
___

Enrico BecchettiServizio di Calcolo e Reti

Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica  06123 Perugia (ITALY)
Phone:+39 075 5852777 Mail: Enrico.Becchettipg.infn.it
__

___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Fwd: FreeIPA authentication broken

2018-04-25 Thread Kristian Petersen

I restarted the service and it is working beautifully again.  Thank you for
you time and effort in helping me.

As for what caused this mess...
My hosted engine crashed after it's storage was temporarily disconnected by
an automatic application of an update which then rebooted the NAS.  After I
was able to get the engine back up, but running my IPA logins didn't work
anymore and I had no idea why that would be.  I hadn't changed anything in
relation to any of that so it made little sense why it stopped working.

On Wed, Apr 25, 2018 at 1:39 AM, Ondra Machacek  wrote:

> Yep, you need to restart ovirt-engine service so the changes take
> effect.
>
> Anyway, we need to figure out what removed your IPA.properties and
> IPA.jks file. What did you do before it stop work?
>
> On 04/25/2018 12:37 AM, Kristian Petersen wrote:
>
>>
>> -- Forwarded message --
>> From: *Kristian Petersen*  nesre...@chem.byu.edu>>
>> Date: Tue, Apr 24, 2018 at 12:38 PM
>> Subject: Re: [ovirt-users] FreeIPA authentication broken
>> To: Ondra Machacek >
>>
>>
>> That directory only contains internal.properties.  So I copied the
>> IPA.properties, IPA-authn.properties, and IPA.jks files all into the 'aaa'
>> subdirectory and set ownership and permissions as you directed.  I reran
>> the command you gave me initially and it prompted me for a password for the
>> user when entered the process exited with status 0.  However, the web
>> interface still isn't letting me log in.  Do I need to restart a service
>> for the changes to be effective in the web UI?
>>
>> On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek > > wrote:
>>
>> Right, you are missing file /etc/ovirt-engine/aaa/IPA.properties
>>
>> It's not subdirectory of /etc/ovirt-engine/extensions.d, but it's in
>> /etc/ovirt-engine/ in 'aaa' subdirectory, can you check what's there?
>> Please check also the correct permissions of that file, it should be
>> '600' and owned by ovirt user.
>>
>>
>> On 04/23/2018 10:25 PM, Kristian Petersen wrote:
>>
>> Looks like it can't find the IPA.properties file.  I tried
>> following the path it is complaining about but there are only
>> files in /etc/ovirt-engine/extensions.d on the engine VM.  No
>> subdirectories.  However, that directory appears to contain the
>> files it is looking for.  Both IPA-authn.properties and
>> IPA.properties are there as are the internal properties files.
>>  Is there a config file we can edit to tell it to look in the
>> right place?
>>
>>
>>
>>
>> --
>> Kristian Petersen
>> System Administrator
>> BYU Dept. of Chemistry and Biochemistry
>>
>>
>>
>> --
>> Kristian Petersen
>> System Administrator
>> BYU Dept. of Chemistry and Biochemistry
>>
>>
>> ___
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>


-- 
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Fwd: FreeIPA authentication broken

2018-04-25 Thread Ondra Machacek


Yep, you need to restart ovirt-engine service so the changes take
effect.

Anyway, we need to figure out what removed your IPA.properties and
IPA.jks file. What did you do before it stop work?

On 04/25/2018 12:37 AM, Kristian Petersen wrote:


-- Forwarded message --
From: *Kristian Petersen* >

Date: Tue, Apr 24, 2018 at 12:38 PM
Subject: Re: [ovirt-users] FreeIPA authentication broken
To: Ondra Machacek >


That directory only contains internal.properties.  So I copied the 
IPA.properties, IPA-authn.properties, and IPA.jks files all into the 
'aaa' subdirectory and set ownership and permissions as you directed.  I 
reran the command you gave me initially and it prompted me for a 
password for the user when entered the process exited with status 0.  
However, the web interface still isn't letting me log in.  Do I need to 
restart a service for the changes to be effective in the web UI?


On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek > wrote:


Right, you are missing file /etc/ovirt-engine/aaa/IPA.properties

It's not subdirectory of /etc/ovirt-engine/extensions.d, but it's in
/etc/ovirt-engine/ in 'aaa' subdirectory, can you check what's there?
Please check also the correct permissions of that file, it should be
'600' and owned by ovirt user.


On 04/23/2018 10:25 PM, Kristian Petersen wrote:

Looks like it can't find the IPA.properties file.  I tried
following the path it is complaining about but there are only
files in /etc/ovirt-engine/extensions.d on the engine VM.  No
subdirectories.  However, that directory appears to contain the
files it is looking for.  Both IPA-authn.properties and
IPA.properties are there as are the internal properties files. 
Is there a config file we can edit to tell it to look in the

right place?




--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry



--
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users


___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

[ovirt-users] Fwd: FreeIPA authentication broken

2018-04-24 Thread Kristian Petersen

-- Forwarded message --
From: Kristian Petersen 
Date: Tue, Apr 24, 2018 at 12:38 PM
Subject: Re: [ovirt-users] FreeIPA authentication broken
To: Ondra Machacek 


That directory only contains internal.properties.  So I copied the
IPA.properties, IPA-authn.properties, and IPA.jks files all into the 'aaa'
subdirectory and set ownership and permissions as you directed.  I reran
the command you gave me initially and it prompted me for a password for the
user when entered the process exited with status 0.  However, the web
interface still isn't letting me log in.  Do I need to restart a service
for the changes to be effective in the web UI?

On Mon, Apr 23, 2018 at 11:59 PM, Ondra Machacek 
wrote:

> Right, you are missing file /etc/ovirt-engine/aaa/IPA.properties
>
> It's not subdirectory of /etc/ovirt-engine/extensions.d, but it's in
> /etc/ovirt-engine/ in 'aaa' subdirectory, can you check what's there?
> Please check also the correct permissions of that file, it should be
> '600' and owned by ovirt user.
>
>
> On 04/23/2018 10:25 PM, Kristian Petersen wrote:
>
>> Looks like it can't find the IPA.properties file.  I tried following the
>> path it is complaining about but there are only files in
>> /etc/ovirt-engine/extensions.d on the engine VM.  No subdirectories.
>> However, that directory appears to contain the files it is looking for.
>> Both IPA-authn.properties and IPA.properties are there as are the internal
>> properties files.  Is there a config file we can edit to tell it to look in
>> the right place?
>>
>>


-- 
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry



-- 
Kristian Petersen
System Administrator
BYU Dept. of Chemistry and Biochemistry
___
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Re: [ovirt-users] Fwd: FreeIPA authentication broken

Re: [ovirt-users] Fwd: FreeIPA authentication broken

Re: [ovirt-users] Fwd: FreeIPA authentication broken

[ovirt-users] Fwd: FreeIPA authentication broken

4 matches

Site Navigation

Mail list logo

Footer information