Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 1513759

Summary: [downstream clone - 4.1.8] Misleading Error : Unexpected comma or semicolon found at the end of the DN string.
Product: Red Hat Enterprise Virtualization Manager Reporter: rhev-integ
Component: ovirt-engine-extension-aaa-ldapAssignee: Ondra Machacek <omachace>
Status: CLOSED ERRATA QA Contact: Gonza <grafuls>
Severity: high Docs Contact:
Priority: high    
Version: 4.1.0CC: bazulay, gklein, lsurette, mgoldboi, mperina, oourfali, pstehlik, Rhev-m-bugs, troels, ykaul
Target Milestone: ovirt-4.1.8Keywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovirt-engine-extension-aaa-ldap-1.3.6 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1511120 Environment:
Last Closed: 2017-12-12 09:23:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1511120    
Bug Blocks:    

Description rhev-integ 2017-11-15 22:22:04 UTC
+++ This bug is a downstream clone. The original bug is: +++
+++   bug 1511120 +++
======================================================================

Description of problem:
We have been having quite a few customers off late reporting setup issues with the error as defined in summary.

In all these cases, we have seen that the underlying error is something different but the customer sees only "Unexpected comma or semicolon found at the end of the DN string."

This error is very misleading and they are unable to determine the exact cause until we at support ask for debug logs to determine the actual cause.


In one of the case, the actual problem was : The connection reader was unable to successfully complete TLS negotiation:  LDAPException(resultCode=91 (connect error), errorMessage='Hostname verification failed because the expected hostname '<fqdn>' was not found in peer certificate..."

We need some changes to showcase the actual error at these times.

(Originally by Anitha Udgiri)

Comment 2 Gonza 2017-11-24 16:52:06 UTC
Verified with:
ovirt-engine-extension-aaa-ldap-setup-1.3.6-1.el7ev.noarch

Login sequence executed successfully

Comment 5 errata-xmlrpc 2017-12-12 09:23:10 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:3426