Description of problem: Customer used this workaround for multiple AD servers on RHEV 3.1 specified in https://access.redhat.com/site/solutions/70533: - # rhevm-config -s LdapServers=rhev.example.com:ad1.rhev.example.com,rhev.example.com:ad2.rhev.example.com -p /root/ldapservers.properties - manual modification of krb5.conf After upgrading this environment to 3.2, rhevm-manage-domains will not allow them to use the ldapservers option and will not reconfigure the krb5.conf file at all. Version-Release number of selected component (if applicable): 3.2 How reproducible: Unknown Steps to Reproduce: 1. Create 3.1 environment and apply workaround in https://access.redhat.com/site/solutions/70533 2. Upgrade environment to 3.2 3. Attempt to use rhevm-manage-domains to fix settings Actual results: Message from rhevm-manage-domains that change was applied, but no change in behaviour or krb5.conf Expected results: Updated krb5.conf and behaviour Additional info:
I looked at the engine manage domains log and saw this - 2013-10-24 09:40:40,146 ERROR [org.ovirt.engine.core.utils.dns.DnsSRVLocator] Error: could not find DNS SRV record name: _kerberos._tcp.example.com. Exception message is: Comparison method violates its general contract! I replaced to "example.com" intentionally , the important line here is the contract violation. I remember I dealt with a bug around this - see BZ985623 I do not wish to "close as duplicate" before further being investigated. Alan, can we provide you a fix to test with the customer?
Yes, sure. Test package would be just great. Please let me know what we can do to help you.
(In reply to Marina from comment #2) > Yes, sure. > Test package would be just great. > Please let me know what we can do to help you. A test package would be great.
Testing the bug description internally, I think we need to be more specific and change the title as well. Explanation: - When running the tool with action=add and specifying LdapServers, it works and updates the database and krb5.conf file properly. - What customer was trying to do in this case is to use edit command, and the edit command didn't work and didn't update the database and krb5.conf with the new information. Thus, I suggest changing the title of the bug - rhevm-manage domain edit does not update LdapServers specified on the edit command.
(In reply to Marina from comment #6) > Testing the bug description internally, I think we need to be more specific > and change the title as well. > Explanation: > - When running the tool with action=add and specifying LdapServers, it works > and updates the database and krb5.conf file properly. > - What customer was trying to do in this case is to use edit command, and > the edit command didn't work and didn't update the database and krb5.conf > with the new information. > > Thus, I suggest changing the title of the bug - rhevm-manage domain edit > does not update LdapServers specified on the edit command. Marina, I think these are two separate issues - see my previous comment , comment #1, And Martin's comment. There is a bug on edit + -ldapServers which I suggested for 3.4 (IMHO this is not a block for 3.3) - it can be later on cloned to 3.3.z and 3.2.z See BZ1037894
Clearing needinfo