Sanatized summary (original description contains internal only machine addresses): I've been trying to run up a RHEV environment here in Toronto for the local engineering teams and run into an issue which I think relates to a change made to IPA in RHEL 6.3. I have installed RHEVM on a RHEL 6.3 machine, and IPA server on another RHEL 6.3 machine. When I do rhevm-manage-domains I get the following response (note I do have PTR and SRV records even though it's a usersys address, I'm providing them locally using dnsmasq) No user in Directory was found for admin@<snip>. Trying next LDAP server in list Failure while testing domain <snip>. Details: No user information was found for user The log does not provide much insight: 2012-06-27 13:22:07,635 INFO [org.ovirt.engine.core.utils.kerberos.ManageDomains] Successfully created kerberos configuration for domain(s): <snip> 2012-06-27 13:22:07,635 INFO [org.ovirt.engine.core.utils.kerberos.ManageDomains] Testing kerberos configuration for domain: <snip> I did find a docspace article in my travels that suggested that perhaps the UPN in IPA didn't match what rhevm-manage-domains expects but that doesn't appear to be the case here, I am able to kinit as the given UPN. I did a bit more searching and came across this: https://access.redhat.com/discussion/freeipa-integration-problem Essentially it appears a change in FreeIPA (yes, which I know we don't support, stay with me here) throws off the logic in rhevm-manage-domains that autodetects whether IPA or AD is in use, causing the error that I am running into. Clicking through that discussion to the FreeIPA ticket, and then to a RHEL bugzilla you end up here: https://bugzilla.redhat.com/show_bug.cgi?id=766322 To me it looks like this change to ipa-server, known to break rhevm-manage-domains, was deployed as part of RHEL 6.3? Has anyone successfully used rhevm-manage-domains to add an IPA domain that is hosted on a RHEL 6.3 box?
Should also note I did come across and follow the steps here: https://access.redhat.com/knowledge/ko/node/70496 As I said though I get to the end of this and can still kinit as the given user@domain so not sure this is the issue.
I've since installed a RHEL 6.2 VM and pointed the DNS entries at it (my IPA instances are VMs), ran ipa-server-install, and was able to successfully add the domain using rhevm-manage-domains. This definitely looks like it was introduced in RHEL 6.3 to me. RHEL 6.2: ipa server-2.1.3-9.el6.x86_64 RHEL 6.3: ipa-server-2.2.0-16.el6.x86_64
*** This bug has been marked as a duplicate of bug 808129 ***