The best is to use this tool: $ ovirt-engine-extensions-tool --log-level=FINEST aaa search --extension-name=your-openldap-authz-name --entity-name=myuser
It prints pretty verbose output, which you can analyze. On Mon, Aug 7, 2017 at 9:01 AM, NUNIN Roberto <roberto.nu...@comifar.it> wrote: > I’ve two oVirt 4.1.4.2-1 pods used for labs. > > > > These two pods are configured in the same way (three node with gluster) > > > > Trying to setup LDAP auth, towards the same OpenLDAP server, setup ends > correctly in both engine VM. > > When I try to perform system permission modification, only one of these is > recognizing the LDAP groups and allow setup and next users belonging to > defined groups to log-in and perform assigned level tasks. > > > > On the second engine, system permissions, even if it recognize the LDAP > domain (it appear in the selection box for search base) do not find nothing, > groups or individuals. > > How to analyze this ? I wasn’t able to find logs useful for troubleshooting. > > > > Setup ended correctly with both Login and Search tasks complete successful. > > Thanks > > > > Roberto > > > > > > > > > > > ________________________________ > > Questo messaggio e' indirizzato esclusivamente al destinatario indicato e > potrebbe contenere informazioni confidenziali, riservate o proprietarie. > Qualora la presente venisse ricevuta per errore, si prega di segnalarlo > immediatamente al mittente, cancellando l'originale e ogni sua copia e > distruggendo eventuali copie cartacee. Ogni altro uso e' strettamente > proibito e potrebbe essere fonte di violazione di legge. > > This message is for the designated recipient only and may contain > privileged, proprietary, or otherwise private information. If you have > received it in error, please notify the sender immediately, deleting the > original and all copies and destroying any hard copies. Any other use is > strictly prohibited and may be unlawful. > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users