Bug 985623

Summary: unable to add to an AD domain (Exception message is: Comparison method violates its general contract!)
Product: Red Hat Enterprise Virtualization Manager Reporter: Vagner Farias <vfarias>
Component: ovirt-engine-configAssignee: Yair Zaslavsky <yzaslavs>
Status: CLOSED CURRENTRELEASE QA Contact: Pavel Stehlik <pstehlik>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 3.2.0CC: acathrow, adevolder, iheim, oourfali, Rhev-m-bugs, yeylon
Target Milestone: ---   
Target Release: 3.3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: infra
Fixed In Version: is10 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-21 22:16:17 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1019461    
Attachments:
Description Flags
sample dns zone to trigger error none

Description Vagner Farias 2013-07-17 23:23:30 UTC 
Description of problem:

When trying to add an AD domain to RHEV Manager configuration, the following error is being printed:

# rhevm-manage-domains -action=add -domain=customer.com.br -user=rhev -provider=ActiveDirectory -interactive 
No LDAP servers can be obtained for domain customer.com.br

engine-manage-domains.log has:

2013-07-17 18:18:53,068 ERROR [org.ovirt.engine.core.utils.dns.DnsSRVLocator] Error: could not find DNS SRV record name: _ldap._tcp.customer.com.br.
Exception message is: Comparison method violates its general contract!
Possible causes: missing DNS entries in the DNS server or DNS resolving issues from engine-core machine.
Please Ensure correct DNS entries exist in the DNS server and ensure the DNS server is reachable from the engine-core machine.
2013-07-17 18:18:53,070 ERROR [org.ovirt.engine.core.utils.kerberos.ManageDomains] No LDAP servers can be obtained for domain customer.com.br

DNS seems to be properly configured, as forward and reverse records are present. However this DNS domain has several _ldap._tcp, _kerberos._tcp and _kerberos._udp  SRV records. 

Version-Release number of selected component (if applicable):
rhevm-config-3.2.0-11.33.el6ev.noarch.rpm

How reproducible:
Tests have shown it is always reproducible with the DNS zone that will be attached to this bz.


Steps to Reproduce:
1. Configure bind to use the zone file provided
2. Run "rhevm-manage-domains -action=add -domain=customer.com.br -provider=ActiveDirectory -user=rhev -interactive" (actually, provider can be any supported option)

Actual results:
No LDAP servers can be obtained for domain customer.com.br

Expected results:
User should be asked to enter password and the domain should be properly added to Manager configuration

Additional info:
I don't have customer actual zone files, but I could reproduce the issue with the configuration attached to this bz. 

It's not required to create a complete IDM or AD domain to raise this error. Having only the SRV records is sufficient.
Comment 1 Vagner Farias 2013-07-17 23:37:06 UTC 
Created attachment 775013 [details]
sample dns zone to trigger error

Dirty and ugly zone file. It's incomplete from a DNS perspective, but it triggers the error.

If any of the following records are changed, the error is not triggered:

* removal of any of the records with priority == 10
* change of any priority == 5 to priority == 10

If there's only one record with priority == 0 and one with priority == 5, all the others may have priority == 10 and it'll work properly.

I couldn't understand the complete logic, though.
Comment 2 Vagner Farias 2013-07-18 01:30:13 UTC 
A coworker suggested the issue may be related to the way compareTo(SrvRecord other) is implemented in DnsSRVLocator class.

        @Override
        public int compareTo(SrvRecord other) {
                ...
                if (weight == 0 && other.weight != 0) {
                        return -1;
                }
                if (weight != 0) {
                        return 1;
                }
                return 0;
        }

He said that when weight is different from 0, it's not possible to correctly order the records, raising an exception.

I modified my zone file setting weight to 0 on every SRV record and the exception wasn't triggered.
Comment 5 Yair Zaslavsky 2013-12-09 22:26:13 UTC 
*** Bug 1034798 has been marked as a duplicate of this bug. ***
Comment 6 Itamar Heim 2014-01-21 22:16:17 UTC 
Closing - RHEV 3.3 Released
Comment 7 Itamar Heim 2014-01-21 22:23:09 UTC 
Closing - RHEV 3.3 Released