For those wondering, I was able to fix this by running ovirt-engine-extension-aaa-ldap-setup and setting the CA certificate method to "Insecure".
> Please select method to obtain PEM encoded CA certificate (File, URL, Inline, System, Insecure): Insecure I was previously using "System" but that does not work despite our internal CA being installed as a trusted certificate authority. On 09/11/2018 10:07 AM, Michael Watters wrote: > I've just upgraded our ovirt engine server to ovirt 4.6 and it appears > that LDAP logins no longer work. When I attempt to log in using an AD > account the following errors are shown in the engine log. > > 2018-09-11 10:03:44,610-04 ERROR > [org.ovirt.engine.core.sso.servlets.InteractiveAuthServlet] (default > task-10) [] Internal Server Error: Cannot locate principal > 'usern...@example.com' > 2018-09-11 10:03:44,610-04 ERROR > [org.ovirt.engine.core.sso.utils.SsoUtils] (default task-10) [] Cannot > locate principal 'usern...@example.com' > 2018-09-11 10:03:44,645-04 ERROR > [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default > task-10) [] server_error: Cannot locate principal 'usern...@example.com' > > I have not changed any LDAP settings and ldapsearch is able to find this > object without any issues. Does anybody have any idea what would cause > this? > > > _______________________________________________ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > Privacy Statement: https://www.ovirt.org/site/privacy-policy/ > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/JRRXINSYZXLGD4YCQL5NKEIRGMOCV4AV/ _______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/G5CBMR7SIB5BAYCYTBWAIV7GQ232ERHO/