974148 – RHEV-M AD authentication does not work if one of the DCs is defunct.

Bug 974148 - RHEV-M AD authentication does not work if one of the DCs is defunct.

Summary: RHEV-M AD authentication does not work if one of the DCs is defunct.

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine
Sub Component:
Version:	3.2.0
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	3.3.0
Assignee:	Martin Perina
QA Contact:	Ondra Machacek
Docs Contact:
URL:
Whiteboard:	infra
Depends On:
Blocks:	1019461
TreeView+	depends on / blocked

Reported:	2013-06-13 14:08 UTC by Roman Hodain
Modified:	2018-12-01 14:28 UTC (History)
CC List:	11 users (show)
Fixed In Version:	is7
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2014-01-21 17:27:23 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2014:0038	0	normal	SHIPPED_LIVE	Important: Red Hat Enterprise Virtualization Manager 3.3.0 update	2014-01-21 22:03:06 UTC
oVirt gerrit	16859	0	None	None	None	Never

Description Roman Hodain 2013-06-13 14:08:51 UTC

Description of problem:
The admin portal is not able to authenticate the users from an Active Directory if one of the domain controllers is not reachable.

The registration and validation of the domain is Ok.

Version-Release number of selected component (if applicable):
RHEV 3.2

How reproducible:
100% in a specific configuration

Steps to Reproduce:
1. Register the RHEV-M to AD with two DCs
2. Turn off one of the DCs
3. Try to log in 

Actual results:
The user is not allowed to log in.

Expected results:
The user is allowed to log in.

Additional info:

Comment 11 Martin Perina 2013-07-15 12:21:41 UTC

The bug has already been partially resolved upstream. The only remaining error was in root DSE query code block: when the first LDAP server in list was not available, there was an uncaught RuntimeException that prevents querying next LDAP server and makes login unsuccessful at once.

Comment 13 Charlie 2013-11-28 00:15:16 UTC

This bug is currently attached to errata RHEA-2013:15231. If this change is not to be documented in the text for this errata please either remove it from the errata, set the requires_doc_text flag to minus (-), or leave a "Doc Text" value of "--no tech note required" if you do not have permission to alter the flag.

Otherwise to aid in the development of relevant and accurate release documentation, please fill out the "Doc Text" field above with these four (4) pieces of information:

* Cause: What actions or circumstances cause this bug to present.
* Consequence: What happens when the bug presents.
* Fix: What was done to fix the bug.
* Result: What now happens when the actions or circumstances above occur. (NB: this is not the same as 'the bug doesn't present anymore')

Once filled out, please set the "Doc Type" field to the appropriate value for the type of change made and submit your edits to the bug.

For further details on the Cause, Consequence, Fix, Result format please refer to:

https://bugzilla.redhat.com/page.cgi?id=fields.html#cf_release_notes 

Thanks in advance.

Comment 14 errata-xmlrpc 2014-01-21 17:27:23 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2014-0038.html

Note You need to log in before you can comment on or make changes to this bug.