Thanks! That fixed it (I just added the Admin user back to SuperUser group via the web interface with an LDAP account that had SuperUser).
From: Ravi Shankar Nori <[email protected]> Sent: November 26, 2018 12:14 PM To: Greg Sheremeta <[email protected]> Cc: Shawn Southern <[email protected]>; [email protected] Subject: Re: [ovirt-users] The user admin@internal is not authorized to perform login Looks like the permissions for admin@internal were removed by another admin user You can try the following 1. Get the admin user external id select external_id from users where name = 'admin' and domain = 'internal-authz' 2. Add permissions for admin user select attach_user_to_role( 'admin', 'internal-authz', '*', 'b71c937c-441b-42cc-bf21-33fa2d9704ce', <=== the external id from above 'SuperUser' ) Let us know if it helps On Sat, Nov 24, 2018 at 9:22 AM Greg Sheremeta <[email protected]<mailto:[email protected]>> wrote: Perhaps Ravi can assist with this. ---------- Forwarded message --------- From: Shawn Southern <[email protected]<mailto:[email protected]>> Date: Fri, Nov 23, 2018 at 9:52 PM Subject: [ovirt-users] The user admin@internal is not authorized to perform login To: [email protected]<mailto:[email protected]> <[email protected]<mailto:[email protected]>> No one can log in to our oVirt instance today. LDAP users cannot authenticate, and the internal ‘admin’ user gets “The user admin@internal is not authorized to perform login” after being authenticated. From engine.log: 2018-11-23 10:17:12,454-05 INFO [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-24) [] User admin@internal successfully logged in with scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access 2018-11-23 10:17:12,576-05 INFO [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-24) [43bd2e4f] Running command: CreateUserSessionCommand internal: false. 2018-11-23 10:17:12,584-05 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-24) [43bd2e4f] EVENT_ID: USER_VDC_LOGIN_FAILED(114), User admin@internal-authz connecting from '10.11.12.13' failed to log in<UNKNOWN>. 2018-11-23 10:17:12,585-05 ERROR [org.ovirt.engine.core.aaa.servlet.SsoPostLoginServlet] (default task-24) [] The user admin@internal is not authorized to perform login Where do I go from here? _______________________________________________ Users mailing list -- [email protected]<mailto:[email protected]> To unsubscribe send an email to [email protected]<mailto:[email protected]> Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/OQNDRRXT3EZGGKGMBDIRZRLJYC2546N4/ -- GREG SHEREMETA SENIOR SOFTWARE ENGINEER - TEAM LEAD - RHV UX Red Hat NA <https://www.redhat.com/> [email protected]<mailto:[email protected]> IRC: gshereme [Image removed by sender.]<https://red.ht/sig>
_______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected] Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/[email protected]/message/LZ3UXATM5HY66G6ZWIROJNO2IWUSJWKD/
