Bug 985623 - unable to add to an AD domain (Exception message is: Comparison method violates its general contract!)
unable to add to an AD domain (Exception message is: Comparison method violat...
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine-config (Show other bugs)
3.2.0
Unspecified Unspecified
unspecified Severity unspecified
: ---
: 3.3.0
Assigned To: Yair Zaslavsky
Pavel Stehlik
infra
:
: 1034798 (view as bug list)
Depends On:
Blocks: 1019461
  Show dependency treegraph
 
Reported: 2013-07-17 19:23 EDT by Vagner Farias
Modified: 2016-02-10 14:08 EST (History)
6 users (show)

See Also:
Fixed In Version: is10
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-01-21 17:16:17 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Infra
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
sample dns zone to trigger error (3.12 KB, text/plain)
2013-07-17 19:37 EDT, Vagner Farias
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 17047 None None None Never
oVirt gerrit 17048 None None None Never
oVirt gerrit 17049 None None None Never

  None (edit)
Description Vagner Farias 2013-07-17 19:23:30 EDT
Description of problem:

When trying to add an AD domain to RHEV Manager configuration, the following error is being printed:

# rhevm-manage-domains -action=add -domain=customer.com.br -user=rhev -provider=ActiveDirectory -interactive 
No LDAP servers can be obtained for domain customer.com.br

engine-manage-domains.log has:

2013-07-17 18:18:53,068 ERROR [org.ovirt.engine.core.utils.dns.DnsSRVLocator] Error: could not find DNS SRV record name: _ldap._tcp.customer.com.br.
Exception message is: Comparison method violates its general contract!
Possible causes: missing DNS entries in the DNS server or DNS resolving issues from engine-core machine.
Please Ensure correct DNS entries exist in the DNS server and ensure the DNS server is reachable from the engine-core machine.
2013-07-17 18:18:53,070 ERROR [org.ovirt.engine.core.utils.kerberos.ManageDomains] No LDAP servers can be obtained for domain customer.com.br

DNS seems to be properly configured, as forward and reverse records are present. However this DNS domain has several _ldap._tcp, _kerberos._tcp and _kerberos._udp  SRV records. 

Version-Release number of selected component (if applicable):
rhevm-config-3.2.0-11.33.el6ev.noarch.rpm

How reproducible:
Tests have shown it is always reproducible with the DNS zone that will be attached to this bz.


Steps to Reproduce:
1. Configure bind to use the zone file provided
2. Run "rhevm-manage-domains -action=add -domain=customer.com.br -provider=ActiveDirectory -user=rhev -interactive" (actually, provider can be any supported option)

Actual results:
No LDAP servers can be obtained for domain customer.com.br

Expected results:
User should be asked to enter password and the domain should be properly added to Manager configuration

Additional info:
I don't have customer actual zone files, but I could reproduce the issue with the configuration attached to this bz. 

It's not required to create a complete IDM or AD domain to raise this error. Having only the SRV records is sufficient.
Comment 1 Vagner Farias 2013-07-17 19:37:06 EDT
Created attachment 775013 [details]
sample dns zone to trigger error

Dirty and ugly zone file. It's incomplete from a DNS perspective, but it triggers the error.

If any of the following records are changed, the error is not triggered:

* removal of any of the records with priority == 10
* change of any priority == 5 to priority == 10

If there's only one record with priority == 0 and one with priority == 5, all the others may have priority == 10 and it'll work properly.

I couldn't understand the complete logic, though.
Comment 2 Vagner Farias 2013-07-17 21:30:13 EDT
A coworker suggested the issue may be related to the way compareTo(SrvRecord other) is implemented in DnsSRVLocator class.

        @Override
        public int compareTo(SrvRecord other) {
                ...
                if (weight == 0 && other.weight != 0) {
                        return -1;
                }
                if (weight != 0) {
                        return 1;
                }
                return 0;
        }

He said that when weight is different from 0, it's not possible to correctly order the records, raising an exception.

I modified my zone file setting weight to 0 on every SRV record and the exception wasn't triggered.
Comment 5 Yair Zaslavsky 2013-12-09 17:26:13 EST
*** Bug 1034798 has been marked as a duplicate of this bug. ***
Comment 6 Itamar Heim 2014-01-21 17:16:17 EST
Closing - RHEV 3.3 Released
Comment 7 Itamar Heim 2014-01-21 17:23:09 EST
Closing - RHEV 3.3 Released

Note You need to log in before you can comment on or make changes to this bug.