Bug 1001976 - manage domains should try to resolve FQDNs provided by -ldapServers
Summary: manage domains should try to resolve FQDNs provided by -ldapServers
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-config
Version: 3.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 3.4.0
Assignee: Martin Perina
QA Contact: Petr Beňas
URL:
Whiteboard: infra
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-08-28 08:47 UTC by Yair Zaslavsky
Modified: 2016-02-10 19:20 UTC (History)
8 users (show)

Fixed In Version: av2
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-06-12 14:03:29 UTC
oVirt Team: Infra
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 19547 0 None None None Never
oVirt gerrit 24416 0 None None None Never
oVirt gerrit 25034 0 None None None Never
oVirt gerrit 25036 0 None None None Never

Description Yair Zaslavsky 2013-08-28 08:47:50 UTC 
Description of problem:

I would recommend that manage-domains tool will try to resolve FQDNs of machines that are provided using -ldapServers, prior to adding a domain.
For example

if -ldapSevers=a.example.com,b.example.com

Then the tool should have a validation check that will check that
a.example.com and b.example.com are resolvable.

This is an idea that was raised by Marina at

BZ994205
 
Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Sandro Bonazzola 2014-02-19 12:26:24 UTC 
This bug is referenced in ovirt-engine-3.4.0-beta3 logs. Moving to ON_QA
Comment 2 Petr Beňas 2014-02-25 13:37:45 UTC 
Tested the fix is present in ovirt-engine-tools-3.4.0-0.11.beta3.el6.noarch.

I have two objections here. The error message should probably end with a dot instead of a comma. I'd also suggest removing the "Details" part, since the exception contains the domain name, so it makes no sense to show it twice. 

# engine-manage-domains add --domain=example.com --user=vdcadmin --provider=ActiveDirectory --ldap-servers="foo.example.com,not.resolvable.at.all"
Cannot resolve LDAP server hostname 'not.resolvable.at.all'. Details: not.resolvable.at.all,
Enter password:
The domain example.com has been added to the engine as an authentication source but no users from that domain have been granted permissions within the oVirt Manager.
Users from this domain can be granted permissions by editing the domain using action edit and specifying --add-permissions or from the Web administration interface logging in as admin@internal user.
oVirt Engine restart is required in order for the changes to take place (service ovirt-engine restart).
Manage Domains completed successfully
Comment 3 Petr Beňas 2014-03-04 14:11:48 UTC 
Verified in rhevm-tools-3.4.0-0.3.master.el6ev.noarch

[root@pb-rh34 ~]# engine-manage-domains add --domain=example.com --user=vdcadmin --provider=ActiveDirectory --ldap-servers="foo.example.com,not.resolvable.at.all"
Cannot resolve LDAP server hostname 'not.resolvable.at.all'.
Enter password:
The domain example.com has been added to the engine as an authentication source but no users from that domain have been granted permissions within the oVirt Manager.
Users from this domain can be granted permissions by editing the domain using action edit and specifying --add-permissions or from the Web administration interface logging in as admin@internal user.
oVirt Engine restart is required in order for the changes to take place (service ovirt-engine restart).
Manage Domains completed successfully
Comment 4 Itamar Heim 2014-06-12 14:03:29 UTC 
Closing as part of 3.4.0
Note You need to log in before you can comment on or make changes to this bug.