subject:"\[ovirt\-users\] Re\: ovirt\-engine\-extension\-aaa\-ldap\-setup failed"

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-11-14 Thread Jeremy Tourville

Yes, I found out my original problem stemmed from the fact that I had not 
created a normal user account after my initial 389 DS setup.  Once I created 
the normal user account I logged into the engine as the internal admin user.  I 
assigned the normal user account the super user role.  I logged out as internal 
admin and logged in as the new user / super user using the newly created 
profile.  So at least for the AAA setup everything seems to work ok.  I created 
some additional users in 389 DS and I can view them from the engine.

Thank you for your help!

From: Ondra Machacek 
Sent: Wednesday, November 14, 2018 8:54 AM
To: Jeremy Tourville; users@ovirt.org
Subject: Re: [ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

You need to create some users in 'dc=cyber-range,dc=lan', you can switch
to it in 389ds GUI console  and there create some users, and use those
users in aaa-ldap-setup and also in oVirt engine gui.

On 11/9/18 10:24 AM, Jeremy Tourville wrote:
> An update, I was able to complete the setup.  It says it was successful but I 
> still can't login using the engine web interface.  I selected the newly 
> created profile using the dropdown arrow and entered my admin user and 
> password.  I get an error "Unable to login.  Verify your login information or 
> contact the system administrator."
>
> I attached my log showing the setup completion.
>
> 
> From: Jeremy Tourville 
> Sent: Monday, November 5, 2018 2:58 PM
> To: Ondra Machacek
> Cc: users@ovirt.org
> Subject: Re: [ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed
>
>>>> Can you try to run that on command line[1], or can you double check that 
>>>> such user exists?
>
> Here is the result of the command:
> [root@ldap ~]# ldapsearch -x -H ldap://ldap.cyber-range.lan -b 
> 'dc=cyber-range,dc=lan' -D 
> 'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot' -W 
> uid=admin
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base  with scope subtree
> # filter: uid=admin
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 1
>
> Basically, I did not create any users except for the ones that were "created" 
> during the setup-ds-admin.pl script run. 
> https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
> I ran the script just like the article did to include names, I did however 
> change the server and domain names to match mine.  I didn't create any users 
> using the GUI or ldapmodify after the initial setup.  Do I need to create a 
> user with the needed bind privileges or is my problem somewhere else?
>
> ____________
> From: Ondra Machacek 
> Sent: Monday, November 5, 2018 4:15 AM
> To: Jeremy Tourville; Donny Davis
> Cc: users@ovirt.org
> Subject: Re: [ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed
>
> Looking at logs you may see:
>
> 2018-10-31 16:48:09,331-05 FINEPerforming SearchRequest
> 'SearchRequest(baseDN='dc=cyber-range,dc=lan', scope=SUB, deref=NEVER,
> sizeLimit=0, timeLimit=0,
> filter='&(objectClass=organizationalPerson)(uid=*)(uid=admin)',
> attrs={nsuniqueid, uid, cn, displayName, department, givenName, sn,
> title, mail})' request on server 'ldap.cyber-range.lan'
> 2018-10-31 16:48:09,333-05 FINESearchResult:
> SearchResult(resultCode=0 (success), messageID=3, entriesReturned=0,
> referencesReturned=0)
>
> So the AAA is trying to search user uid=admin in namespace
> dc=cyber-range,dc=lan. But the 389ds return nothing. Can you try to run
> that on command line[1], or can you double check that such user exists?
>
> Seems like admin which you use in vars.user, from namespace
> o=NetscapeRoot, can't search in namespace dc=cyber-range,dc=lan.
>
> Try to use as vars.use user from namespace dc=cyber-range,dc=lan.
>
> [1] ldapsearch -x -H ldap://ldap.cyber-range.lan -b
> 'dc=cyber-range,dc=lan' -D
> 'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot' -W
> uid=admin
>
> On 11/2/18 2:01 PM, Jeremy Tourville wrote:
>> I have been trying to find the setting to confirm that.
>>
>> On Nov 2, 2018 7:43 AM, Donny Davis  wrote:
>> Is binding allowed in your 389ds instance?
>>
>>
>> On Fri, Nov 2, 2018, 8:11 AM Jeremy Tourville 
>> mailto:jeremy_tourvi...@hotmail.com> wrote:
>> The backend is 389 DS, no this is not Govt related.  This will be used as a 
>> training platform for my local ISSA chapter.  This is a new 389 DS server.  
>> I followed the instructions at 
>> https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
>> The server is

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-11-14 Thread Ondra Machacek


You need to create some users in 'dc=cyber-range,dc=lan', you can switch
to it in 389ds GUI console  and there create some users, and use those
users in aaa-ldap-setup and also in oVirt engine gui.

On 11/9/18 10:24 AM, Jeremy Tourville wrote:

An update, I was able to complete the setup.  It says it was successful but I still can't 
login using the engine web interface.  I selected the newly created profile using the 
dropdown arrow and entered my admin user and password.  I get an error "Unable to 
login.  Verify your login information or contact the system administrator."

I attached my log showing the setup completion.


From: Jeremy Tourville 
Sent: Monday, November 5, 2018 2:58 PM
To: Ondra Machacek
Cc: users@ovirt.org
Subject: Re: [ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed


Can you try to run that on command line[1], or can you double check that such 
user exists?


Here is the result of the command:
[root@ldap ~]# ldapsearch -x -H ldap://ldap.cyber-range.lan -b 
'dc=cyber-range,dc=lan' -D 
'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot' -W uid=admin
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base  with scope subtree
# filter: uid=admin
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1

Basically, I did not create any users except for the ones that were "created" 
during the setup-ds-admin.pl script run. 
https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
I ran the script just like the article did to include names, I did however 
change the server and domain names to match mine.  I didn't create any users 
using the GUI or ldapmodify after the initial setup.  Do I need to create a 
user with the needed bind privileges or is my problem somewhere else?


From: Ondra Machacek 
Sent: Monday, November 5, 2018 4:15 AM
To: Jeremy Tourville; Donny Davis
Cc: users@ovirt.org
Subject: Re: [ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

Looking at logs you may see:

2018-10-31 16:48:09,331-05 FINEPerforming SearchRequest
'SearchRequest(baseDN='dc=cyber-range,dc=lan', scope=SUB, deref=NEVER,
sizeLimit=0, timeLimit=0,
filter='&(objectClass=organizationalPerson)(uid=*)(uid=admin)',
attrs={nsuniqueid, uid, cn, displayName, department, givenName, sn,
title, mail})' request on server 'ldap.cyber-range.lan'
2018-10-31 16:48:09,333-05 FINESearchResult:
SearchResult(resultCode=0 (success), messageID=3, entriesReturned=0,
referencesReturned=0)

So the AAA is trying to search user uid=admin in namespace
dc=cyber-range,dc=lan. But the 389ds return nothing. Can you try to run
that on command line[1], or can you double check that such user exists?

Seems like admin which you use in vars.user, from namespace
o=NetscapeRoot, can't search in namespace dc=cyber-range,dc=lan.

Try to use as vars.use user from namespace dc=cyber-range,dc=lan.

[1] ldapsearch -x -H ldap://ldap.cyber-range.lan -b
'dc=cyber-range,dc=lan' -D
'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot' -W
uid=admin

On 11/2/18 2:01 PM, Jeremy Tourville wrote:

I have been trying to find the setting to confirm that.

On Nov 2, 2018 7:43 AM, Donny Davis  wrote:
Is binding allowed in your 389ds instance?


On Fri, Nov 2, 2018, 8:11 AM Jeremy Tourville 
mailto:jeremy_tourvi...@hotmail.com> wrote:
The backend is 389 DS, no this is not Govt related.  This will be used as a 
training platform for my local ISSA chapter.  This is a new 389 DS server.  I 
followed the instructions at 
https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
The server is "stock" with the exceptions of the settings for startTLS and 
adding certificates, etc (basically, whatever is needed to integrate with the Ovirt 
Engine.)
I am using my Admin account to perform the bind.  What I don't understand is 
why everything else in the aaa setup script works except the login sequence.  
It would seem like my certificates are correct, correct use of the admin DN, 
etc.  The funny part is I can login to the server using the admin account and 
password yet the same admin account and password fail when using the aaa setup 
script.  But, that is why I am using the expert knowledge on the list!  Maybe I 
have overlooked a simple prerequisite setting needed for setup somewhere?

I'll wait for someone to chime in on possible reasons to get this message:
SEVERE  Authn.Result code is: CREDENTIALS_INVALID
[ ERROR ] Login sequence failed

__
Users mailing list -- users@ovirt.org<mailto:users@ovirt.org>
To unsubscribe send an email to 
users-le...@ovirt.org<mailto:users-le...@ovirt.org>
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@o

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-11-06 Thread Jeremy Tourville

>>>Can you try to run that on command line[1], or can you double check that 
>>>such user exists?

Here is the result of the command:
[root@ldap ~]# ldapsearch -x -H ldap://ldap.cyber-range.lan -b 
'dc=cyber-range,dc=lan' -D 
'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot' -W uid=admin
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base  with scope subtree
# filter: uid=admin
# requesting: ALL
#

# search result
search: 2
result: 0 Success

# numResponses: 1

Basically, I did not create any users except for the ones that were "created" 
during the setup-ds-admin.pl script run. 
https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
I ran the script just like the article did to include names, I did however 
change the server and domain names to match mine.  I didn't create any users 
using the GUI or ldapmodify after the initial setup.  Do I need to create a 
user with the needed bind privileges or is my problem somewhere else?


From: Ondra Machacek 
Sent: Monday, November 5, 2018 4:15 AM
To: Jeremy Tourville; Donny Davis
Cc: users@ovirt.org
Subject: Re: [ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

Looking at logs you may see:

2018-10-31 16:48:09,331-05 FINEPerforming SearchRequest
'SearchRequest(baseDN='dc=cyber-range,dc=lan', scope=SUB, deref=NEVER,
sizeLimit=0, timeLimit=0,
filter='&(objectClass=organizationalPerson)(uid=*)(uid=admin)',
attrs={nsuniqueid, uid, cn, displayName, department, givenName, sn,
title, mail})' request on server 'ldap.cyber-range.lan'
2018-10-31 16:48:09,333-05 FINESearchResult:
SearchResult(resultCode=0 (success), messageID=3, entriesReturned=0,
referencesReturned=0)

So the AAA is trying to search user uid=admin in namespace
dc=cyber-range,dc=lan. But the 389ds return nothing. Can you try to run
that on command line[1], or can you double check that such user exists?

Seems like admin which you use in vars.user, from namespace
o=NetscapeRoot, can't search in namespace dc=cyber-range,dc=lan.

Try to use as vars.use user from namespace dc=cyber-range,dc=lan.

[1] ldapsearch -x -H ldap://ldap.cyber-range.lan -b
'dc=cyber-range,dc=lan' -D
'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot' -W
uid=admin

On 11/2/18 2:01 PM, Jeremy Tourville wrote:
> I have been trying to find the setting to confirm that.
>
> On Nov 2, 2018 7:43 AM, Donny Davis  wrote:
> Is binding allowed in your 389ds instance?
>
>
> On Fri, Nov 2, 2018, 8:11 AM Jeremy Tourville 
> mailto:jeremy_tourvi...@hotmail.com> wrote:
> The backend is 389 DS, no this is not Govt related.  This will be used as a 
> training platform for my local ISSA chapter.  This is a new 389 DS server.  I 
> followed the instructions at 
> https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
> The server is "stock" with the exceptions of the settings for startTLS and 
> adding certificates, etc (basically, whatever is needed to integrate with the 
> Ovirt Engine.)
> I am using my Admin account to perform the bind.  What I don't understand is 
> why everything else in the aaa setup script works except the login sequence.  
> It would seem like my certificates are correct, correct use of the admin DN, 
> etc.  The funny part is I can login to the server using the admin account and 
> password yet the same admin account and password fail when using the aaa 
> setup script.  But, that is why I am using the expert knowledge on the list!  
> Maybe I have overlooked a simple prerequisite setting needed for setup 
> somewhere?
>
> I'll wait for someone to chime in on possible reasons to get this message:
> SEVERE  Authn.Result code is: CREDENTIALS_INVALID
> [ ERROR ] Login sequence failed
>
> __
> Users mailing list -- users@ovirt.org<mailto:users@ovirt.org>
> To unsubscribe send an email to 
> users-le...@ovirt.org<mailto:users-le...@ovirt.org>
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct: 
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives: 
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/TGT7ASCWSUTU6TDT2HIBLBCRL2CEF3G6/
>
>
> ___
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct: 
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives: 
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/JN4AMQUNTFGL2NDUWNDG2AZTF7YIQPN6/
>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statem

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-11-05 Thread Ondra Machacek


Looking at logs you may see:

2018-10-31 16:48:09,331-05 FINEPerforming SearchRequest 
'SearchRequest(baseDN='dc=cyber-range,dc=lan', scope=SUB, deref=NEVER, 
sizeLimit=0, timeLimit=0, 
filter='&(objectClass=organizationalPerson)(uid=*)(uid=admin)', 
attrs={nsuniqueid, uid, cn, displayName, department, givenName, sn, 
title, mail})' request on server 'ldap.cyber-range.lan'
2018-10-31 16:48:09,333-05 FINESearchResult: 
SearchResult(resultCode=0 (success), messageID=3, entriesReturned=0, 
referencesReturned=0)


So the AAA is trying to search user uid=admin in namespace 
dc=cyber-range,dc=lan. But the 389ds return nothing. Can you try to run 
that on command line[1], or can you double check that such user exists?


Seems like admin which you use in vars.user, from namespace 
o=NetscapeRoot, can't search in namespace dc=cyber-range,dc=lan.


Try to use as vars.use user from namespace dc=cyber-range,dc=lan.

[1] ldapsearch -x -H ldap://ldap.cyber-range.lan -b 
'dc=cyber-range,dc=lan' -D 
'uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot' -W 
uid=admin


On 11/2/18 2:01 PM, Jeremy Tourville wrote:

I have been trying to find the setting to confirm that.

On Nov 2, 2018 7:43 AM, Donny Davis  wrote:
Is binding allowed in your 389ds instance?


On Fri, Nov 2, 2018, 8:11 AM Jeremy Tourville 
mailto:jeremy_tourvi...@hotmail.com> wrote:
The backend is 389 DS, no this is not Govt related.  This will be used as a 
training platform for my local ISSA chapter.  This is a new 389 DS server.  I 
followed the instructions at 
https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
The server is "stock" with the exceptions of the settings for startTLS and 
adding certificates, etc (basically, whatever is needed to integrate with the Ovirt 
Engine.)
I am using my Admin account to perform the bind.  What I don't understand is 
why everything else in the aaa setup script works except the login sequence.  
It would seem like my certificates are correct, correct use of the admin DN, 
etc.  The funny part is I can login to the server using the admin account and 
password yet the same admin account and password fail when using the aaa setup 
script.  But, that is why I am using the expert knowledge on the list!  Maybe I 
have overlooked a simple prerequisite setting needed for setup somewhere?

I'll wait for someone to chime in on possible reasons to get this message:
SEVERE  Authn.Result code is: CREDENTIALS_INVALID
[ ERROR ] Login sequence failed

__
Users mailing list -- users@ovirt.org
To unsubscribe send an email to 
users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/TGT7ASCWSUTU6TDT2HIBLBCRL2CEF3G6/


___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/JN4AMQUNTFGL2NDUWNDG2AZTF7YIQPN6/


___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/OMANIY4OZWNQBSSEXHCJTHI4VW4IPUGY/

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-11-03 Thread Jeremy Tourville

I have been trying to find the setting to confirm that.

On Nov 2, 2018 7:43 AM, Donny Davis  wrote:
Is binding allowed in your 389ds instance?


On Fri, Nov 2, 2018, 8:11 AM Jeremy Tourville 
mailto:jeremy_tourvi...@hotmail.com> wrote:
The backend is 389 DS, no this is not Govt related.  This will be used as a 
training platform for my local ISSA chapter.  This is a new 389 DS server.  I 
followed the instructions at 
https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
The server is "stock" with the exceptions of the settings for startTLS and 
adding certificates, etc (basically, whatever is needed to integrate with the 
Ovirt Engine.)
I am using my Admin account to perform the bind.  What I don't understand is 
why everything else in the aaa setup script works except the login sequence.  
It would seem like my certificates are correct, correct use of the admin DN, 
etc.  The funny part is I can login to the server using the admin account and 
password yet the same admin account and password fail when using the aaa setup 
script.  But, that is why I am using the expert knowledge on the list!  Maybe I 
have overlooked a simple prerequisite setting needed for setup somewhere?

I'll wait for someone to chime in on possible reasons to get this message:
SEVERE  Authn.Result code is: CREDENTIALS_INVALID
[ ERROR ] Login sequence failed

__
Users mailing list -- users@ovirt.org
To unsubscribe send an email to 
users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/TGT7ASCWSUTU6TDT2HIBLBCRL2CEF3G6/

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/JN4AMQUNTFGL2NDUWNDG2AZTF7YIQPN6/

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-11-02 Thread Jeremy Tourville

The backend is 389 DS, no this is not Govt related.  This will be used as a 
training platform for my local ISSA chapter.  This is a new 389 DS server.  I 
followed the instructions at 
https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
The server is "stock" with the exceptions of the settings for startTLS and 
adding certificates, etc (basically, whatever is needed to integrate with the 
Ovirt Engine.)
I am using my Admin account to perform the bind.  What I don't understand is 
why everything else in the aaa setup script works except the login sequence.  
It would seem like my certificates are correct, correct use of the admin DN, 
etc.  The funny part is I can login to the server using the admin account and 
password yet the same admin account and password fail when using the aaa setup 
script.  But, that is why I am using the expert knowledge on the list!  Maybe I 
have overlooked a simple prerequisite setting needed for setup somewhere?

I'll wait for someone to chime in on possible reasons to get this message:
SEVERE  Authn.Result code is: CREDENTIALS_INVALID
[ ERROR ] Login sequence failed

__
Users mailing list -- users@ovirt.org
To unsubscribe send an email to 
users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/TGT7ASCWSUTU6TDT2HIBLBCRL2CEF3G6/
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/L44JXLWDDD6WIJTPUKAEQNHDWCPURI7C/

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-11-02 Thread Donny Davis

Is binding allowed in your 389ds instance?


On Fri, Nov 2, 2018, 8:11 AM Jeremy Tourville  The backend is 389 DS, no this is not Govt related.  This will be used as
> a training platform for my local ISSA chapter.  This is a new 389 DS
> server.  I followed the instructions at
> https://www.unixmen.com/install-and-configure-ldap-server-in-centos-7/
> The server is "stock" with the exceptions of the settings for startTLS and
> adding certificates, etc (basically, whatever is needed to integrate with
> the Ovirt Engine.)
> I am using my Admin account to perform the bind.  What I don't understand
> is why everything else in the aaa setup script works except the login
> sequence.  It would seem like my certificates are correct, correct use of
> the admin DN, etc.  The funny part is I can login to the server using the
> admin account and password yet the same admin account and password fail
> when using the aaa setup script.  But, that is why I am using the expert
> knowledge on the list!  Maybe I have overlooked a simple prerequisite
> setting needed for setup somewhere?
>
> I'll wait for someone to chime in on possible reasons to get this message:
> SEVERE  Authn.Result code is: CREDENTIALS_INVALID
> [ ERROR ] Login sequence failed
>
>
> __
>
> Users mailing list -- users@ovirt.org
> To unsubscribe send an email to users-le...@ovirt.org
> Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/TGT7ASCWSUTU6TDT2HIBLBCRL2CEF3G6/
>
>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/FMUMHLPMX7JZKYJKWYO465KMKA3JCMA4/

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-10-31 Thread Jeremy Tourville



From: Jeremy Tourville 
Sent: Thursday, October 25, 2018 7:33 AM
To: Ondra Machacek
Subject: Re: [ovirt-users] ovirt-engine-extension-aaa-ldap-setup failed

I ran the command again after completing the setup wizard as you directed and 
the results are still the same.  Here's the last few lines. I have also 
attached a complete log file for reference.

2018-10-25 07:09:00,679-05 FINEST  VARS-END
2018-10-25 07:09:00,679-05 FINErunSequence Return name='authn'
2018-10-25 07:09:00,680-05 FINEdoAuthenticateCredentials Return 
{Extkey[name=AAA_AUTHN_RESULT;type=class 
java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12}
2018-10-25 07:09:00,680-05 FINEST  Invoke Output BEGIN
2018-10-25 07:09:00,680-05 FINEST  
{Extkey[name=EXTENSION_INVOKE_RESULT;type=class 
java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=0,
 Extkey[name=AAA_AUTHN_RESULT;type=class 
java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12}
2018-10-25 07:09:00,680-05 FINEST  Invoke Output END
2018-10-25 07:09:00,680-05 INFOAPI: 
<--Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='ldap.cyber-range.lan' 
result=CREDENTIALS_INVALID
2018-10-25 07:09:00,684-05 SEVERE  Authn.Result code is: CREDENTIALS_INVALID
2018-10-25 07:09:00,684-05 FINEException:
java.lang.RuntimeException: Authn.Result code is: CREDENTIALS_INVALID
at 
org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action.lambda$static$3(AAAServiceImpl.java:188)
at 
org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action.execute(AAAServiceImpl.java:417)
at 
org.ovirt.engine.exttool.aaa.AAAServiceImpl.run(AAAServiceImpl.java:686)
at 
org.ovirt.engine.exttool.core.ExtensionsToolExecutor.main(ExtensionsToolExecutor.java:120)
at org.jboss.modules.Module.run(Module.java:352)
at org.jboss.modules.Module.run(Module.java:320)
at org.jboss.modules.Main.main(Main.java:593)

2018-10-25 07:09:00,685-05 FINEExiting with status '1'




From: Ondra Machacek 
Sent: Thursday, October 25, 2018 2:28 AM
To: Jeremy Tourville; users@ovirt.org
Subject: Re: [ovirt-users] ovirt-engine-extension-aaa-ldap-setup failed



On 10/24/18 1:00 AM, Jeremy Tourville wrote:
> I am having trouble completing the AAA extension setup.  It fails at the end 
> when testing the login flow, if I test the search that part works.
> I can confirm that I am able to login to my system using the admin account so 
> there is not a password issue.
>
> I have listed my results below to include log level=finest.  I have also 
> attached a log.  Sugeestions on troubleshooting are appreciated. I am not 
> sure where to start.  Thanks!
>
>Please provide credentials to test login flow:
>Enter user name: admin
>Enter user password:
> [ INFO  ] Executing login sequence...
>Login output:
>2018-10-23 16:43:46,432-05 INFO
> ===   
>  
> =
>2018-10-23 16:43:46,452-05 INFO 
> Initia
> lization 
>2018-10-23 16:43:46,452-05 INFO
> ===   
>  
> =
>2018-10-23 16:43:46,565-05 INFOLoading extension 
> 'ldap.cyber-range 
>.lan-authn'
>2018-10-23 16:43:46,668-05 INFOExtension 
> 'ldap.cyber-range.lan-aut 
>hn' loaded
>2018-10-23 16:43:46,672-05 INFOLoading extension 
> 'ldap.cyber-range 
>.lan'
>2018-10-23 16:43:46,681-05 INFOExtension 
> 'ldap.cyber-range.lan' lo 
>aded
>2018-10-23 16:43:46,682-05 INFOInitializing extension 
> 'ldap.cyber-  
>   range.lan-authn'
>2018-10-23 16:43:46,682-05 INFO
> [ovirt-engine-extension-aaa-ldap.au   
>  thn::ldap.cyber-range.lan-authn] 
> Creating LDAP pool 'authz'
>2018-10-23 16:43:47,236-05 INFO
> [ovirt-engine-extension-aaa-ldap.au   
>

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-10-25 Thread Ondra Machacek




On 10/24/18 1:00 AM, Jeremy Tourville wrote:

I am having trouble completing the AAA extension setup.  It fails at the end 
when testing the login flow, if I test the search that part works.
I can confirm that I am able to login to my system using the admin account so 
there is not a password issue.

I have listed my results below to include log level=finest.  I have also 
attached a log.  Sugeestions on troubleshooting are appreciated. I am not sure 
where to start.  Thanks!

   Please provide credentials to test login flow:
   Enter user name: admin
   Enter user password:
[ INFO  ] Executing login sequence...
   Login output:
   2018-10-23 16:43:46,432-05 INFO
=== 
   =
   2018-10-23 16:43:46,452-05 INFO 
Initia  
  lization 
   2018-10-23 16:43:46,452-05 INFO
=== 
   =
   2018-10-23 16:43:46,565-05 INFOLoading extension 
'ldap.cyber-range   
 .lan-authn'
   2018-10-23 16:43:46,668-05 INFOExtension 
'ldap.cyber-range.lan-aut   
 hn' loaded
   2018-10-23 16:43:46,672-05 INFOLoading extension 
'ldap.cyber-range   
 .lan'
   2018-10-23 16:43:46,681-05 INFOExtension 'ldap.cyber-range.lan' 
lo  
  aded
   2018-10-23 16:43:46,682-05 INFOInitializing extension 
'ldap.cyber-
range.lan-authn'
   2018-10-23 16:43:46,682-05 INFO
[ovirt-engine-extension-aaa-ldap.au 
   thn::ldap.cyber-range.lan-authn] 
Creating LDAP pool 'authz'
   2018-10-23 16:43:47,236-05 INFO
[ovirt-engine-extension-aaa-ldap.au 
   thn::ldap.cyber-range.lan-authn] 
LDAP pool 'authz' information: vendor='389 Proj 
   ect' 
version='389-Directory/1.3.7.5 B2018.269.1826'
   2018-10-23 16:43:47,237-05 INFO
[ovirt-engine-extension-aaa-ldap.au 
   thn::ldap.cyber-range.lan-authn] 
Creating LDAP pool 'authn'
   2018-10-23 16:43:47,518-05 INFO
[ovirt-engine-extension-aaa-ldap.au 
   thn::ldap.cyber-range.lan-authn] 
LDAP pool 'authn' information: vendor='389 Proj 
   ect' 
version='389-Directory/1.3.7.5 B2018.269.1826'
   2018-10-23 16:43:47,518-05 INFOExtension 
'ldap.cyber-range.lan-aut   
 hn' initialized
   2018-10-23 16:43:47,519-05 INFOInitializing extension 
'ldap.cyber-
range.lan'
   2018-10-23 16:43:47,520-05 INFO
[ovirt-engine-extension-aaa-ldap.au 
   thz::ldap.cyber-range.lan] Creating 
LDAP pool 'authz'
   2018-10-23 16:43:47,759-05 INFO
[ovirt-engine-extension-aaa-ldap.au 
   thz::ldap.cyber-range.lan] LDAP pool 
'authz' information: vendor='389 Project' v 
   
ersion='389-Directory/1.3.7.5 B2018.269.1826'
   2018-10-23 16:43:47,760-05 INFO
[ovirt-engine-extension-aaa-ldap.au 
   thz::ldap.cyber-range.lan] Available 
Namespaces: [dc=cyber-range,dc=lan]
   2018-10-23 16:43:47,760-05 INFOExtension 'ldap.cyber-range.lan' 
in  
  itialized
   2018-10-23 16:43:47,761-05 INFOStart of enabled extensions list
   2018-10-23 16:43:47,761-05 INFO

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-09-25 Thread mopiel games

i send it by email 
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/TKLCFUV2IMFXFAG3AACBKDPPO3DJ4P45/

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-09-25 Thread mopiel games

where the log file you want locate ?

On Tue, Sep 25, 2018 at 1:08 PM Ondra Machacek  wrote:

> Can you please share the whole log?
>
> On 9/25/18 8:25 AM, mopiel games wrote:
> > i try it with new user dn:uid=user,dc=exalt,dc=ps but it show this :
> > 2018-09-25 09:23:04,441+03 FINEST  simple_attrsGroupRecord = entryUUID,
> cn, description
> > 2018-09-25 09:23:04,441+03 FINEST  simple_attrsPrincipalRecord =
> entryUUID, uid, cn, displayName, department, givenName, sn, title, mail
> > 2018-09-25 09:23:04,441+03 FINEST  simple_attrsUserName = uid
> > 2018-09-25 09:23:04,441+03 FINEST  simple_baseDN = dc=exalt,dc=ps
> > 2018-09-25 09:23:04,441+03 FINEST  simple_bindFormat = dn
> > 2018-09-25 09:23:04,441+03 FINEST  simple_filterGroupObject =
> (objectClass=groupOfNames)
> > 2018-09-25 09:23:04,441+03 FINEST  simple_filterUserObject =
> (objectClass=uidObject)(uid=*)
> > 2018-09-25 09:23:04,441+03 FINEST  simple_groupLogic = member
> > 2018-09-25 09:23:04,441+03 FINEST  stop = true
> > 2018-09-25 09:23:04,441+03 FINEST  user = user
> > 2018-09-25 09:23:04,441+03 FINEST  VARS-END
> > 2018-09-25 09:23:04,441+03 FINErunSequence Return name='authn'
> > 2018-09-25 09:23:04,441+03 FINEdoAuthenticateCredentials Return
> {Extkey[name=AAA_AUTHN_RESULT;type=class
> java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12}
> > 2018-09-25 09:23:04,441+03 FINEST  Invoke Output BEGIN
> > 2018-09-25 09:23:04,441+03 FINEST
> {Extkey[name=EXTENSION_INVOKE_RESULT;type=class
> java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=0,
> Extkey[name=AAA_AUTHN_RESULT;type=class
> java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12}
> > 2018-09-25 09:23:04,441+03 FINEST  Invoke Output END
> > 2018-09-25 09:23:04,442+03 INFOAPI:
> <--Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='ldap23.exalt.ps'
> result=CREDENTIALS_INVALID
> > 2018-09-25 09:23:04,445+03 SEVERE  Authn.Result code is:
> CREDENTIALS_INVALID
> > 2018-09-25 09:23:04,445+03 FINEException:
> > java.lang.RuntimeException: Authn.Result code is: CREDENTIALS_INVALID
> >  at
> org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action.lambda$static$3(AAAServiceImpl.java:188)
> >  at
> org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action.execute(AAAServiceImpl.java:417)
> >  at
> org.ovirt.engine.exttool.aaa.AAAServiceImpl.run(AAAServiceImpl.java:686)
> >  at
> org.ovirt.engine.exttool.core.ExtensionsToolExecutor.main(ExtensionsToolExecutor.java:120)
> >  at org.jboss.modules.Module.run(Module.java:352)
> >  at org.jboss.modules.Module.run(Module.java:320)
> >  at org.jboss.modules.Main.main(Main.java:593)
> >
> > 2018-09-25 09:23:04,446+03 FINEExiting with status '1'
> > ___
> > Users mailing list -- users@ovirt.org
> > To unsubscribe send an email to users-le...@ovirt.org
> > Privacy Statement: https://www.ovirt.org/site/privacy-policy/
> > oVirt Code of Conduct:
> https://www.ovirt.org/community/about/community-guidelines/
> > List Archives:
> https://lists.ovirt.org/archives/list/users@ovirt.org/message/YEEHGMJQASFSOUG554SKW7WRUBIG436F/
> >
>
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/P3HSSM5BDE5FU3XPDAGQWOI4TCRJ6VV5/

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-09-25 Thread mustafa taha

Hi 
 Which log file you want   ? 

Sent from Mail for Windows 10

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/7PUXAX4HV4OPRBLVGQAC5DEBV2AY6O5I/

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-09-25 Thread Ondra Machacek


Can you please share the whole log?

On 9/25/18 8:25 AM, mopiel games wrote:

i try it with new user dn:uid=user,dc=exalt,dc=ps but it show this :
2018-09-25 09:23:04,441+03 FINEST  simple_attrsGroupRecord = entryUUID, cn, 
description
2018-09-25 09:23:04,441+03 FINEST  simple_attrsPrincipalRecord = entryUUID, 
uid, cn, displayName, department, givenName, sn, title, mail
2018-09-25 09:23:04,441+03 FINEST  simple_attrsUserName = uid
2018-09-25 09:23:04,441+03 FINEST  simple_baseDN = dc=exalt,dc=ps
2018-09-25 09:23:04,441+03 FINEST  simple_bindFormat = dn
2018-09-25 09:23:04,441+03 FINEST  simple_filterGroupObject = 
(objectClass=groupOfNames)
2018-09-25 09:23:04,441+03 FINEST  simple_filterUserObject = 
(objectClass=uidObject)(uid=*)
2018-09-25 09:23:04,441+03 FINEST  simple_groupLogic = member
2018-09-25 09:23:04,441+03 FINEST  stop = true
2018-09-25 09:23:04,441+03 FINEST  user = user
2018-09-25 09:23:04,441+03 FINEST  VARS-END
2018-09-25 09:23:04,441+03 FINErunSequence Return name='authn'
2018-09-25 09:23:04,441+03 FINEdoAuthenticateCredentials Return 
{Extkey[name=AAA_AUTHN_RESULT;type=class 
java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12}
2018-09-25 09:23:04,441+03 FINEST  Invoke Output BEGIN
2018-09-25 09:23:04,441+03 FINEST  
{Extkey[name=EXTENSION_INVOKE_RESULT;type=class 
java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=0,
 Extkey[name=AAA_AUTHN_RESULT;type=class 
java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12}
2018-09-25 09:23:04,441+03 FINEST  Invoke Output END
2018-09-25 09:23:04,442+03 INFOAPI: 
<--Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='ldap23.exalt.ps' 
result=CREDENTIALS_INVALID
2018-09-25 09:23:04,445+03 SEVERE  Authn.Result code is: CREDENTIALS_INVALID
2018-09-25 09:23:04,445+03 FINEException:
java.lang.RuntimeException: Authn.Result code is: CREDENTIALS_INVALID
 at 
org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action.lambda$static$3(AAAServiceImpl.java:188)
 at 
org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action.execute(AAAServiceImpl.java:417)
 at 
org.ovirt.engine.exttool.aaa.AAAServiceImpl.run(AAAServiceImpl.java:686)
 at 
org.ovirt.engine.exttool.core.ExtensionsToolExecutor.main(ExtensionsToolExecutor.java:120)
 at org.jboss.modules.Module.run(Module.java:352)
 at org.jboss.modules.Module.run(Module.java:320)
 at org.jboss.modules.Main.main(Main.java:593)

2018-09-25 09:23:04,446+03 FINEExiting with status '1'
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/YEEHGMJQASFSOUG554SKW7WRUBIG436F/


___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/ZMI6OXB5B5RLJELLQ5HDBDKISIZZDD4H/

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-09-25 Thread mopiel games

i try it with new user dn:uid=user,dc=exalt,dc=ps but it show this :
2018-09-25 09:23:04,441+03 FINEST  simple_attrsGroupRecord = entryUUID, cn, 
description
2018-09-25 09:23:04,441+03 FINEST  simple_attrsPrincipalRecord = entryUUID, 
uid, cn, displayName, department, givenName, sn, title, mail
2018-09-25 09:23:04,441+03 FINEST  simple_attrsUserName = uid
2018-09-25 09:23:04,441+03 FINEST  simple_baseDN = dc=exalt,dc=ps
2018-09-25 09:23:04,441+03 FINEST  simple_bindFormat = dn
2018-09-25 09:23:04,441+03 FINEST  simple_filterGroupObject = 
(objectClass=groupOfNames)
2018-09-25 09:23:04,441+03 FINEST  simple_filterUserObject = 
(objectClass=uidObject)(uid=*)
2018-09-25 09:23:04,441+03 FINEST  simple_groupLogic = member
2018-09-25 09:23:04,441+03 FINEST  stop = true
2018-09-25 09:23:04,441+03 FINEST  user = user
2018-09-25 09:23:04,441+03 FINEST  VARS-END
2018-09-25 09:23:04,441+03 FINErunSequence Return name='authn'
2018-09-25 09:23:04,441+03 FINEdoAuthenticateCredentials Return 
{Extkey[name=AAA_AUTHN_RESULT;type=class 
java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12}
2018-09-25 09:23:04,441+03 FINEST  Invoke Output BEGIN
2018-09-25 09:23:04,441+03 FINEST  
{Extkey[name=EXTENSION_INVOKE_RESULT;type=class 
java.lang.Integer;uuid=EXTENSION_INVOKE_RESULT[0909d91d-8bde-40fb-b6c0-099c772ddd4e];]=0,
 Extkey[name=AAA_AUTHN_RESULT;type=class 
java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12}
2018-09-25 09:23:04,441+03 FINEST  Invoke Output END
2018-09-25 09:23:04,442+03 INFOAPI: 
<--Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='ldap23.exalt.ps' 
result=CREDENTIALS_INVALID
2018-09-25 09:23:04,445+03 SEVERE  Authn.Result code is: CREDENTIALS_INVALID
2018-09-25 09:23:04,445+03 FINEException:
java.lang.RuntimeException: Authn.Result code is: CREDENTIALS_INVALID
at 
org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action.lambda$static$3(AAAServiceImpl.java:188)
at 
org.ovirt.engine.exttool.aaa.AAAServiceImpl$Action.execute(AAAServiceImpl.java:417)
at 
org.ovirt.engine.exttool.aaa.AAAServiceImpl.run(AAAServiceImpl.java:686)
at 
org.ovirt.engine.exttool.core.ExtensionsToolExecutor.main(ExtensionsToolExecutor.java:120)
at org.jboss.modules.Module.run(Module.java:352)
at org.jboss.modules.Module.run(Module.java:320)
at org.jboss.modules.Main.main(Main.java:593)

2018-09-25 09:23:04,446+03 FINEExiting with status '1'
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/YEEHGMJQASFSOUG554SKW7WRUBIG436F/

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

2018-09-24 Thread Ondra Machacek

If you are sure you are passing correct credentials, then please save 
the correct configuration and run following command:


 $ ovirt-engine-extensions-tool --log-level=FINEST aaa login-user 
--user-name=taha --profile=ldap23.exalt.ps


and share the output.

On 9/24/18 11:11 AM, mopiel games wrote:

in the ovirt-engine-extension-aaa-ldap-setup i  try to login to the ldap user 
but it show  CREDENTIALS_INVALID ,put if i make search option it will show 
successful :
the question is how to make login successfully ?
  
[root@ovirt_engine home]# ovirt-engine-extension-aaa-ldap-setup

[ INFO  ] Stage: Initializing
[ INFO  ] Stage: Environment setup
   Configuration files: 
['/etc/ovirt-engine-extension-aaa-ldap-setup.conf.d/10-packa

  ging.conf']
   Log file: 
/tmp/ovirt-engine-extension-aaa-ldap-setup-20180924120156-wutrcv.log
   Version: otopi-1.7.8 (otopi-1.7.8-1.el7)
[ INFO  ] Stage: Environment packages setup
[ INFO  ] Stage: Programs detection
[ INFO  ] Stage: Environment customization
   Welcome to LDAP extension configuration program
   Available LDAP implementations:
1 - 389ds
2 - 389ds RFC-2307 Schema
3 - Active Directory
4 - IBM Security Directory Server
5 - IBM Security Directory Server RFC-2307 Schema
6 - IPA
7 - Novell eDirectory RFC-2307 Schema
8 - OpenLDAP RFC-2307 Schema
9 - OpenLDAP Standard Schema
   10 - Oracle Unified Directory RFC-2307 Schema
   11 - RFC-2307 Schema (Generic)
   12 - RHDS
   13 - RHDS RFC-2307 Schema
   14 - iPlanet
   Please select: 9

   NOTE:
   It is highly recommended to use DNS resolution for LDAP server.
   If for some reason you intend to use hosts or plain address disable 
DNS usage.

   Use DNS (Yes, No) [Yes]:
   Available policy method:
1 - Single server
2 - DNS domain LDAP SRV record
3 - Round-robin between multiple hosts
4 - Failover between multiple hosts
   Please select: 1
   Please enter host address: ldap23.exalt.ps
[ INFO  ] Trying to resolve host 'ldap23.exalt.ps'

   NOTE:
   It is highly recommended to use secure protocol to access the LDAP 
server.
   Protocol startTLS is the standard recommended method to do so.
   Only in cases in which the startTLS is not supported, fallback to 
non standard ld 

 aps protocol.
   Use plain for test environments only.

   Please select protocol to use (startTLS, ldaps, plain) [startTLS]: 
ldaps
   Please select method to obtain PEM encoded CA certificate (File, 
URL, Inline, Sys

  tem, Insecure): file
   File path: /home/server.pem
[ INFO  ] Connecting to LDAP using 'ldaps://ldap23.exalt.ps:636'
[ INFO  ] Connection succeeded
   Enter search user DN (for example uid=username,dc=example,dc=com or 
leave empty f   
   
or anonymous): cn=admin,dc=exalt,dc=ps
   Enter search user password:
[ INFO  ] Attempting to bind using 'cn=admin,dc=exalt,dc=ps'
   Please enter base DN (dc=exalt,dc=ps) [dc=exalt,dc=ps]:
   Are you going to use Single Sign-On for Virtual Machines (Yes, No) 
[Yes]: no
   Please specify profile name that will be visible to users 
[ldap23.exalt.ps]:
[ INFO  ] Stage: Setup validation

   NOTE:
   It is highly recommended to test drive the configuration before 
applying it into

   engine.
   Login sequence is executed automatically, but it is recommended to 
also execute S  

earch sequence manually after successful Login sequence.

   Please provide credentials to test login flow:
   Enter user name: taha
   Enter user password:
[ INFO  ] Executing login sequence...
   Login output:
   2018-09-24 12:03:10,832+03 INFO
==

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

[ovirt-users] Re: ovirt-engine-extension-aaa-ldap-setup failed

15 matches

Site Navigation

Mail list logo

Footer information