Thanks! I excuted "ovirt-engine-extension-aaa-ldap-setup", but I got an error. 
Is there anything wrong?

[root@engine ~]# ovirt-engine-extension-aaa-ldap-setup 
[ INFO  ] Stage: Initializing
[ INFO  ] Stage: Environment setup
          Configuration files: 
['/etc/ovirt-engine-extension-aaa-ldap-setup.conf.d/10-packaging.conf']
          Log file: 
/tmp/ovirt-engine-extension-aaa-ldap-setup-20170608112535-jll8t2.log
          Version: otopi-1.6.2 (otopi-1.6.2-1.el7.centos)
[ INFO  ] Stage: Environment packages setup
[ INFO  ] Stage: Programs detection
[ INFO  ] Stage: Environment customization
          Welcome to LDAP extension configuration program
          Available LDAP implementations:
           1 - 389ds
           2 - 389ds RFC-2307 Schema
           3 - Active Directory
           4 - IBM Security Directory Server
           5 - IBM Security Directory Server RFC-2307 Schema
           6 - IPA
           7 - Novell eDirectory RFC-2307 Schema
           8 - OpenLDAP RFC-2307 Schema
           9 - OpenLDAP Standard Schema
          10 - Oracle Unified Directory RFC-2307 Schema
          11 - RFC-2307 Schema (Generic)
          12 - RHDS
          13 - RHDS RFC-2307 Schema
          14 - iPlanet
          Please select: 3
          Please enter Active Directory Forest name: horebdata.com
[ INFO  ] Resolving Global Catalog SRV record for horebdata.com
[ INFO  ] Resolving LDAP SRV record for horebdata.com
          NOTE:
          It is highly recommended to use secure protocol to access the LDAP 
server.
          Protocol startTLS is the standard recommended method to do so.
          Only in cases in which the startTLS is not supported, fallback to non 
standard ldaps protocol.
          Use plain for test environments only.
          Please select protocol to use (startTLS, ldaps, plain) [startTLS]: 
plain
[ INFO  ] Resolving SRV record 'horebdata.com'
[ INFO  ] Connecting to LDAP using 'ldap://win-fvdsocg3abj.horebdata.com:389'
[ INFO  ] Connection succeeded
          Enter search user DN (for example uid=username,dc=example,dc=com or 
leave empty for anonymous): 
[ INFO  ] Attempting to bind using '[Anonymous]'
          Are you going to use Single Sign-On for Virtual Machines (Yes, No) 
[No]: yes
          NOTE:
          Profile name has to match domain name, otherwise Single Sign-On for 
Virtual Machines will not work.
          Please specify profile name that will be visible to users 
[horebdata.com]: 
[ INFO  ] Stage: Setup validation
          The following files are about to be overwritten:
              /etc/ovirt-engine/extensions.d/horebdata.com-authn.properties
              /etc/ovirt-engine/extensions.d/horebdata.com.properties
              /etc/ovirt-engine/aaa/horebdata.com.properties
          Continue and overwrite? (Yes, No) [No]: yes
          NOTE:
          It is highly recommended to test drive the configuration before 
applying it into engine.
          Perform at least one Login sequence and one Search sequence.
          Select test sequence to execute (Done, Abort, Login, Search) [Abort]: 
login
          Enter user name: horebdata
          Enter user password: 
[ INFO  ] Executing login sequence...
          Login output:
          2017-06-08 11:26:09,446+08 INFO    
========================================================================
          2017-06-08 11:26:09,463+08 INFO    ============================ 
Initialization ============================
          2017-06-08 11:26:09,463+08 INFO    
========================================================================
          2017-06-08 11:26:09,475+08 INFO    Loading extension 
'horebdata.com-authn'
          2017-06-08 11:26:09,517+08 INFO    Extension 'horebdata.com-authn' 
loaded
          2017-06-08 11:26:09,522+08 INFO    Loading extension 'horebdata.com'
          2017-06-08 11:26:09,530+08 INFO    Extension 'horebdata.com' loaded
          2017-06-08 11:26:09,531+08 INFO    Initializing extension 
'horebdata.com-authn'
          2017-06-08 11:26:09,532+08 INFO    
[ovirt-engine-extension-aaa-ldap.authn::horebdata.com-authn] Creating LDAP pool 
'authz'
          2017-06-08 11:26:09,620+08 INFO    
[ovirt-engine-extension-aaa-ldap.authn::horebdata.com-authn] LDAP pool 'authz' 
information: vendor='null' version='null'
          2017-06-08 11:26:09,621+08 INFO    
[ovirt-engine-extension-aaa-ldap.authn::horebdata.com-authn] Creating LDAP pool 
'authn'
          2017-06-08 11:26:09,636+08 INFO    
[ovirt-engine-extension-aaa-ldap.authn::horebdata.com-authn] LDAP pool 'authn' 
information: vendor='null' version='null'
          2017-06-08 11:26:09,649+08 WARNING 
[ovirt-engine-extension-aaa-ldap.authn::horebdata.com-authn] Cannot initialize 
LDAP framework, deferring initialization. Error: Unexpected comma or semicolon 
found at the end of the DN string.
          2017-06-08 11:26:09,650+08 INFO    Extension 'horebdata.com-authn' 
initialized
          2017-06-08 11:26:09,650+08 INFO    Initializing extension 
'horebdata.com'
          2017-06-08 11:26:09,651+08 INFO    
[ovirt-engine-extension-aaa-ldap.authz::horebdata.com] Creating LDAP pool 
'authz'
          2017-06-08 11:26:09,679+08 INFO    
[ovirt-engine-extension-aaa-ldap.authz::horebdata.com] LDAP pool 'authz' 
information: vendor='null' version='null'
          2017-06-08 11:26:09,679+08 INFO    
[ovirt-engine-extension-aaa-ldap.authz::horebdata.com] Creating LDAP pool 'gc'
          2017-06-08 11:26:09,694+08 INFO    
[ovirt-engine-extension-aaa-ldap.authz::horebdata.com] LDAP pool 'gc' 
information: vendor='null' version='null'
          2017-06-08 11:26:09,697+08 WARNING 
[ovirt-engine-extension-aaa-ldap.authz::horebdata.com] Cannot initialize LDAP 
framework, deferring initialization. Error: Unexpected comma or semicolon found 
at the end of the DN string.
          2017-06-08 11:26:09,697+08 INFO    Extension 'horebdata.com' 
initialized
          2017-06-08 11:26:09,697+08 INFO    Start of enabled extensions list
          2017-06-08 11:26:09,697+08 INFO    Instance name: 'horebdata.com', 
Extension name: 'ovirt-engine-extension-aaa-ldap.authz', Version: '1.3.1', 
Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.3.1-1.el7.centos', 
License: 'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', 
Build interface Version: '0',  File: 
'/tmp/tmpHfBhQf/extensions.d/horebdata.com.properties', Initialized: 'true'
          2017-06-08 11:26:09,698+08 INFO    Instance name: 
'horebdata.com-authn', Extension name: 'ovirt-engine-extension-aaa-ldap.authn', 
Version: '1.3.1', Notes: 'Display name: 
ovirt-engine-extension-aaa-ldap-1.3.1-1.el7.centos', License: 'ASL 2.0', Home: 
'http://www.ovirt.org', Author 'The oVirt Project', Build interface Version: 
'0',  File: '/tmp/tmpHfBhQf/extensions.d/horebdata.com-authn.properties', 
Initialized: 'true'
          2017-06-08 11:26:09,698+08 INFO    End of enabled extensions list
          2017-06-08 11:26:09,698+08 INFO    
========================================================================
          2017-06-08 11:26:09,698+08 INFO    ============================== 
Execution ===============================
          2017-06-08 11:26:09,698+08 INFO    
========================================================================
          2017-06-08 11:26:09,698+08 INFO    Iteration: 0
          2017-06-08 11:26:09,699+08 INFO    Profile='horebdata.com' 
authn='horebdata.com-authn' authz='horebdata.com' mapping='null'
          2017-06-08 11:26:09,699+08 INFO    API: 
-->Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='horebdata.com' 
user='horebdata'
          2017-06-08 11:26:09,702+08 WARNING 
[ovirt-engine-extension-aaa-ldap.authn::horebdata.com-authn] Cannot initialize 
LDAP framework, deferring initialization. Error: Unexpected comma or semicolon 
found at the end of the DN string.
          2017-06-08 11:26:09,703+08 SEVERE  Unexpected comma or semicolon 
found at the end of the DN string.
[ ERROR ] Login sequence failed
          Please investigate details of the failure (search for lines 
containing SEVERE log level).
          Select test sequence to execute (Done, Abort, Login, Search) [Abort]: 
 
From: Ondra Machacek
Date: 2017-06-07 14:47
To: qinglong.d...@horebdata.cn
CC: users
Subject: Re: [ovirt-users] active directory
Or you can try the migration tool:
 
https://github.com/oVirt/ovirt-engine-kerbldap-migration
 
Check the README, there are instructions how to procceed.
 
On Wed, Jun 7, 2017 at 8:33 AM, Latchezar Filtchev <lat...@aubg.bg> wrote:
> This can help you:
>
>
>
> http://lists.ovirt.org/pipermail/users/2016-September/042937.html
>
>
>
> Best,
>
> Latcho
>
>
>
>
>
> From: users-boun...@ovirt.org [mailto:users-boun...@ovirt.org] On Behalf Of
> qinglong.d...@horebdata.cn
> Sent: Wednesday, June 07, 2017 4:57 AM
> To: users
> Subject: [ovirt-users] active directory
>
>
>
> Hi all,
>
>         I used "engine-manage-domains" to add AD to ovirt in earlier
> version. What should I do in ovirt 4.1? Hope someone can help. Thanks!
>
>
> _______________________________________________
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>
 
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Reply via email to