LDAP/Kerberos authentication fails on RHVM when the ldap server hostname resolves to an IPv6 only address

Solution In Progress - Updated -

Issue

  • We use Kerberos for authentication for the RHV API and webUI
  • This is configured in the file /etc/ovirt-engine/aaa/example.properties on the Hosted Engine

  • The vars.server directive points to an LDAP server

    vars.server = ldap.example.com

  • If this hostname only resolves to an IPv6 address, then the API/webUI cannot use it for authentication.

  • SSO login fails and a normal login page is displayed but entering the correct credentials fails as well with: "Unable to log in. Verify your login information or contact the system administrator."
  • If this hostname has an IPv4 address (in addition to IPv6), then the problem disappears

Environment

  • Red Hat Virtualization (RHV) 4.3
  • ovirt-engine-extension-aaa-ldap-setup-1.3.9-1.el7ev.noarch

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content