Bug 871591 - rhevm-manage-domains for domain missing SRV records do not print correct error message
Summary: rhevm-manage-domains for domain missing SRV records do not print correct erro...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-config
Version: 3.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 3.2.0
Assignee: Yair Zaslavsky
QA Contact: Ilanit Stein
URL:
Whiteboard: infra
Depends On:
Blocks: 879723 915537
TreeView+ depends on / blocked
 
Reported: 2012-10-30 19:37 UTC by Ilanit Stein
Modified: 2016-02-10 19:06 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 879723 (view as bug list)
Environment:
Last Closed:
oVirt Team: Infra
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Ilanit Stein 2012-10-30 19:37:35 UTC 
Description of problem:

When runinng rhevm-manage-domains for domains that is missing SRV records from DNS (like in  bug 757519), 
please print a clear 'missing DNS entries...' error message, 
which is seen at /var/log/ovirt-engine/engine-manage-domains.log (bellow).

Version-Release number of selected component (if applicable):
SI22.1

How reproducible:
always

rhevm console log:

[root@lilach-rhel ~]# rhevm-manage-domains -action=add -domain=dc1.forest2008.qa.lab.tlv.redhat.com -user=vdcadmin -provider=ActiveDirectory -interactive
Enter password:

Error: Authentication Failed. Please verify the fully qualified domain name that is used for authentication is correct.. Problematic domain is: dc1.forest2008.qa.lab.tlv.redhat.com
Failure while applying Kerberos configuration. Details: Authentication Failed. Please verify the fully qualified domain name that is used for authentication is correct.

/var/log/ovirt-engine/engine-manage-domains.log:

2012-10-30 15:37:51,659 INFO  [org.ovirt.engine.core.utils.kerberos.ManageDomains] Creating kerberos configuration for domain(s): qa.lab.tlv.redhat.com,dc1.forest2008.qa.lab.tlv.redhat.com
2012-10-30 15:37:51,693 ERROR [org.ovirt.engine.core.utils.dns.DnsSRVLocator] Error: could not find DNS SRV record name: _kerberos._tcp.DC1.FOREST2008.QA.LAB.TLV.REDHAT.COM.
Exception message is: DNS name not found [response code 3]
Possible causes: missing DNS entries in the DNS server or DNS resolving issues from engine-core machine.
Please Ensure correct DNS entries exist in the DNS server and ensure the DNS server is reachable from the engine-core machine.
2012-10-30 15:37:51,712 ERROR [org.ovirt.engine.core.utils.kerberos.ManageDomains] Failure while applying Kerberos configuration. Details: Authentication Failed. Please verify the fully qualified domain name that is used for authentication is correct.

Additional Info: 
Bug 871585 is about the problem of asking for password, instead of just giving error message on the DNS not found.

Actual Results:
Instead of error message on DNS not found, a password is asked.
Comment 1 Yair Zaslavsky 2012-11-20 08:17:11 UTC 
Suggested patch

http://gerrit.ovirt.org/#/c/9349/
Comment 2 Yair Zaslavsky 2012-11-20 12:46:54 UTC 
I solved the two bugs by solving https://bugzilla.redhat.com/871585

I both provide a clear message about DNS issue + don't prompt for password in such case.

I prefer not to perform close duplicate, as these are two separate bugs, handled in same way (due to my extra handling in 871585)
Comment 5 Ilanit Stein 2013-02-14 12:37:41 UTC 
Verified on sf-7:
[root@lilach-rhel yum.repos.d]# rhevm-manage-domains -action=add -domain=dc1.forest2008.qa.lab.tlv.redhat.com -user=vdcadmin -provider=ActiveDirectory -interactive
No LDAP servers can be obtained for domain dc1.forest2008.qa.lab.tlv.redhat.com
Comment 6 Itamar Heim 2013-06-11 08:58:35 UTC 
3.2 has been released
Comment 7 Itamar Heim 2013-06-11 08:58:52 UTC 
3.2 has been released
Comment 8 Itamar Heim 2013-06-11 08:58:52 UTC 
3.2 has been released
Comment 9 Itamar Heim 2013-06-11 09:00:29 UTC 
3.2 has been released
Comment 10 Itamar Heim 2013-06-11 09:29:58 UTC 
3.2 has been released
Note You need to log in before you can comment on or make changes to this bug.