On 2/27/20 5:04 PM, Budur Nagaraju wrote:
Am using ldaps not starttls, when i do dig able to resolve the, not
sure where exactly doing mistake.
I don't understand. So what dig command of the SRV did you use and what
it returns?
And why you have in one error _ldaps._tcp.psecure.net
<http://tcp.psecure.net> and another _ldaps._tcp.abc.net
<http://tcp.psecure.net>?
Please, also send the settings from /etc/ovirt-engine/aaa/ and engine log.
Using 4.3 version.
Thanks,
Nagaraju
On Thu, Feb 27, 2020, 9:22 PM Lucie Leistnerova <[email protected]
<mailto:[email protected]>> wrote:
Hi, I've checked again the options in the aaa tool.
On 2/27/20 4:20 PM, Budur Nagaraju wrote:
can some one help me on the issue ? badly stuck on this have not
got any pointer on fix .
An error occurred while attempting to query DNS in order to
retrieve SRV records with name '_ldaps._tcp.abc.net
<http://tcp.psecure.net>': NameNotFoundException(DNS name not
found [response code 3]), ldapSDKVersion=4.0.7,
revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58
It seems your DNS is not configured to resolve ldap servers.
Please disable DNS and use direct fqdn/ip of the server or
configure the DNS SRV record.
From the documentation:
Press *Enter* to accept the default and configure domain name
resolution for your LDAP server name:
|It is highly recommended to use DNS resolution for LDAP server.
If for some reason you intend to use hosts or plain address
disable DNS usage. Use DNS (Yes, No) [Yes]: |||
||
||
Thanks,
Nagaraju
On Thu, Feb 27, 2020 at 8:48 PM Budur Nagaraju <[email protected]
<mailto:[email protected]>> wrote:
Hi Lucie,
Can you please help me on this issue? am using ldaps for the
configuration.
Thanks,
Nagaraju
On Thu, Feb 27, 2020 at 4:00 PM Budur Nagaraju
<[email protected] <mailto:[email protected]>> wrote:
Hi Lucie,
Have tried the option but when trying to logon from the
browser getting the below error.
Any tweaks can be made ?
An error occurred while attempting to query DNS in order
to retrieve SRV records with name
'_ldaps._tcp.psecure.net <http://tcp.psecure.net>':
NameNotFoundException(DNS name not found [response code
3]), ldapSDKVersion=4.0.7,
revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58
Thanks,
Nagaraju
On Thu, Feb 27, 2020 at 3:51 PM Lucie Leistnerova
<[email protected] <mailto:[email protected]>> wrote:
Hi Budur,
or just use the tool for it - Configuring an External
LDAP Provider
https://www.ovirt.org/documentation/admin-guide/chap-Users_and_Roles.html
Best regards,
Lucie
On 2/27/20 9:32 AM, Eduardo Mayoral wrote:
Should be as simple as this:
[root@ovirt-hc0 ~]# cat
/etc/ovirt-engine/aaa//activedirectory/.properties
include = <ad.properties>
vars.domain = XXXXXX
vars.user = YYYYYYYYYYY
vars.password = ZZZZZZZZZ
*pool.default.ssl.startTLS = true**
**pool.default.ssl.startTLSProtocol = TLSv1.2*
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password =
${global:vars.password}
pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain =
${global:vars.domain}
Just remember to trust the certificate authority for
the ldaps certificate in the ovirt engine server.
https://stackoverflow.com/questions/37043442/how-to-add-certificate-authority-file-in-centos-7
On 27/2/20 4:42, Budur Nagaraju wrote:
Hi
Can someone help me in configuring ldaps in oVirt
Engine 4.x ?
Thanks,
Nagaraju
_______________________________________________
Users mailing list [email protected] <mailto:[email protected]>
To unsubscribe send an email [email protected]
<mailto:[email protected]>
Privacy Statement:https://www.ovirt.org/site/privacy-policy/
oVirt Code of
Conduct:https://www.ovirt.org/community/about/community-guidelines/
List
Archives:https://lists.ovirt.org/archives/list/[email protected]/message/P6QHPSFZLOZ6EZEVFQPBNII37PNIATU3/
--
Eduardo Mayoral Jimeno
Systems engineer, platform department. Arsys Internet.
[email protected] <mailto:[email protected]> - +34 941 620
105 - ext 2153
_______________________________________________
Users mailing list [email protected] <mailto:[email protected]>
To unsubscribe send an email [email protected]
<mailto:[email protected]>
Privacy Statement:https://www.ovirt.org/site/privacy-policy/
oVirt Code of
Conduct:https://www.ovirt.org/community/about/community-guidelines/
List
Archives:https://lists.ovirt.org/archives/list/[email protected]/message/ADWCGNS353CUN3CIHFBZDUWAXRHL66JB/
--
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA
IRC: lleistne @ #rhev-qe
--
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA
IRC: lleistne @ #rhev-qe
--
Lucie Leistnerova
Senior Quality Engineer, QE Cloud, RHVM
Red Hat EMEA
IRC: lleistne @ #rhev-qe
_______________________________________________
Users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct:
https://www.ovirt.org/community/about/community-guidelines/
List Archives:
https://lists.ovirt.org/archives/list/[email protected]/message/EO4KGMG6KBWXIIY5M237T3E7BMH4YFS7/
