Bug 1420281
Summary: | Ignore groups which can't be resolved from non-working domain inside Active Directory multi-domain forrest | ||
---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Ondra Machacek <omachace> |
Component: | ovirt-engine-extension-aaa-ldap | Assignee: | Ondra Machacek <omachace> |
Status: | CLOSED ERRATA | QA Contact: | Gonza <grafuls> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 4.0.0 | CC: | bazulay, lsurette, lsvaty, mgoldboi, mperina, oourfali, pbrilla, Rhev-m-bugs, ykaul |
Target Milestone: | ovirt-4.1.1 | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ovirt-engine-extension-aaa-ldap-1.3.1 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-04-25 00:55:20 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Infra | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Ondra Machacek
2017-02-08 10:56:10 UTC
We have following workarounds for the issue: 1. You can remove groups from non-working domain for particular user to enable successful login 2. You can remove non-working domain (assuming it's not a temporary failure) Fix is contained in ovirt-engine-extension-aaa-ldap-1.3.1 Verified with: ovirt-engine-extension-aaa-ldap-1.3.1-1.el7ev.noarch 2017-04-05 11:29:15,595+03 WARNING Exception: An error occurred while attempting to connect to server brq-w2k12r2p-2c.ad-w2k12r2pc.redhat.com:389: java.io.IOException: LDAPException(resultCode=91 (connect error), errorMessage='An error occurred while attempting to establish a connection to server brq-w2k12r2p-2c.ad-w2k12r2pc.redhat.com/10.34.63.33:389: NoRouteToHostException(message='No route to host (Host unreachable)', trace='socketConnect(PlainSocketImpl.java:native) / doConnect(AbstractPlainSocketImpl.java:350) / connectToAddress(AbstractPlainSocketImpl.java:206) / connect(AbstractPlainSocketImpl.java:188) / connect(SocksSocketImpl.java:392) / connect(Socket.java:589) / connect(Socket.java:538) / <init>(Socket.java:434) / <init>(Socket.java:244) / createSocket(SocketFactory.java:277) / createSocket(ResolverSocketFactory.java:63) / createSocket(ResolverSocketFactory.java:76) / run(ConnectThread.java:139)', revision=0)') 2017-04-05 11:29:15,602+03 WARNING Ignoring records from pool: 'authz.com' 2017-04-05 11:29:15,696+03 WARNING Ignoring records from pool: 'authz.com' |