Hello ,

I think I resolved this issue. It is dig response when resolving the domain 

CentOS-7 - bind-utils-9.11.4-16.P2.el7_8.6.x86_64; Windows AD level 2008R2; in 
my case dig returns answer with

mb118.local.       600         IN           A   

IP address returned is address of DC

CentOS-8 - bind-utils-9.11.20-5.el8.x86_64; Same Domain Controller; dig returns 
answer without ;;ANSWER SECTION e.g. IP address of DC cannot be identified.

The solution is to add directive '+nocookie', after '+tcp'  in the file 

The section starts at line 144:

    def _resolver(plugin, record, what):
        rc, stdout, stderr = plugin.execute(
        return stdout

With this change execution of ovirt-engine-extension-aaa-ldap-setup completes 
successfully and joins fresh install of oVirt 4.4 to Active Directory.

If level of AD is 2016  '+nocookie' change is not needed.

Happy holydays to all of you!
Stay safe!

Thank you!

From: Latchezar Filtchev
Sent: Tuesday, November 24, 2020 10:31 AM
To: users@ovirt.org
Subject: oVirt 4.4 and Active directory

Hello All,

Fresh standalone installation of oVirt 4.3 (CentOS 7) . Execution of 
ovirt-engine-extension-aaa-ldap-setup completes normally and DC is connected to 
AD (Domain functional level: Windows Server 2008 ).

On the same hardware fresh standalone installation of oVirt 4.4.
Installation of engine completed with warning:

2020-11-23 14:50:46,159+0200 WARNING 
hostname._validateFQDNresolvability:308 Failed to resolve 44-8.mb118.local 
using DNS, it can be resolved only locally

Despite warning engine portal is resolvable after installation.

Execution of ovirt-engine-extension-aaa-ldap-setup ends with:

[ INFO  ] Stage: Environment customization
          Welcome to LDAP extension configuration program
          Available LDAP implementations:
           1 - 389ds
           2 - 389ds RFC-2307 Schema
           3 - Active Directory
           4 - IBM Security Directory Server
           5 - IBM Security Directory Server RFC-2307 Schema
           6 - IPA
           7 - Novell eDirectory RFC-2307 Schema
           8 - OpenLDAP RFC-2307 Schema
           9 - OpenLDAP Standard Schema
          10 - Oracle Unified Directory RFC-2307 Schema
          11 - RFC-2307 Schema (Generic)
          12 - RHDS
          13 - RHDS RFC-2307 Schema
          14 - iPlanet
          Please select: 3
          Please enter Active Directory Forest name: mb118.local
[ INFO  ] Resolving Global Catalog SRV record for mb118.local
[WARNING] Cannot resolve Global Catalog SRV record for mb118.local. Please 
check you have entered correct Active Directory forest name and check that 
forest is resolvable by your system DNS servers
[ ERROR ] Failed to execute stage 'Environment customization': Active Directory 
forest is not resolvable, please make sure you've entered correct forest name. 
If for some reason you can't use forest and you need some special configuration 
instead, please refer to examples directory provided by 
ovirt-engine-extension-aaa-ldap package.
[ INFO  ] Stage: Clean up
          Log file is available at 
[ INFO  ] Stage: Pre-termination
[ INFO  ] Stage: Termination

Can someone advise on this?

Thank you!

Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: 
List Archives: 

Reply via email to