Hello Ondra, Log is empty [root@vhe00 ~]# ls -la /var/log/httpd/ssl_error_log -rw-r--r--. 1 root root 0 Feb 2 04:45 /var/log/httpd/ssl_error_log
Slava. From: "Ondra Machacek" <omach...@redhat.com> To: "Slava Bendersky" <volga...@networklab.ca> Cc: "users" <users@ovirt.org>, "Ravi" <rn...@redhat.com> Sent: Saturday, February 4, 2017 10:35:31 AM Subject: Re: [ovirt-users] FreeIPA with ovirt 4.1 On Feb 4, 2017 1:21 AM, "Slava Bendersky" < [ mailto:volga...@networklab.ca | volga...@networklab.ca ] > wrote: Hello Everyone, Having trouble implement FreeIPA authentication with GSSAPI SSO and ovirt 4.1. I ran setup and it finished OK then it wrote the files bellow. Next I log to web admin with internal user and added FeeIPA user as SuperUser role. Also I added under System FreeIPA group authorized to login on any attempt to login with FreeIPA credentials getting message 2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.servlets.InteractiveAuthServlet] (default task-6) [] Internal Server Error: Unsupported command 2017-02-04 00:03:08,464Z ERROR [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-6) [] Unsupported command 2017-02-04 00:03:08,659Z ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-3) [] server_error: Unsupported command Ravi, do you know what this can cause? BQ_BEGIN Also when in extensions.d directory contain the following files. If I remove mydomain.lan-authn.properties then in web ui FreeIPA domain not showing up in drop down list. Any http don't have influence on this. BQ_END That is correct behavior, we dont show profiles, which uses http for authn. BQ_BEGIN [root@vhe00 extensions.d]# pwd /etc/ovirt-engine/extensions.d [root@vhe00 extensions.d]# ls mydomain.lan-authn.properties mydomain.lan -http-authn.properties mydomain.lan .properties internal-authz.properties mydomain.lan -authz.properties mydomain.lan -http-mapping.properties internal-authn.properties [root@vhe00 extensions.d]# If possible clarify how it should be and what is possible issue. BQ_END Can you please take a look to /var/log/httpd/ssl_error_log if any errors there? BQ_BEGIN Slava. _______________________________________________ Users mailing list [ mailto:Users@ovirt.org | Users@ovirt.org ] [ http://lists.ovirt.org/mailman/listinfo/users | http://lists.ovirt.org/mailman/listinfo/users ] BQ_END
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users