<html>
  <head>
    <meta content="text/html; charset=windows-1252"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    vCenter SSO works well with Univention LDAP.<br>
    <br>
    Here I want to make sure if FreeIPA can work with vCenter SSO,
    because I read it on this page:
    <a class="moz-txt-link-freetext" href="http://www.freeipa.org/page/HowTo/vsphere5_integration">http://www.freeipa.org/page/HowTo/vsphere5_integration</a><br>
    <br>
    And thanks for the help and answer any questions from me. <br>
    Have a nice day.<br>
    <br>
    <div class="moz-cite-prefix">On 3/6/15 11:23 PM, Rich Megginson
      wrote:<br>
    </div>
    <blockquote cite="mid:54F9D496.1070302@redhat.com" type="cite">
      <meta content="text/html; charset=windows-1252"
        http-equiv="Content-Type">
      <div class="moz-cite-prefix">On 03/06/2015 09:13 AM, Gianluca
        Cecchi wrote:<br>
      </div>
      <blockquote
cite="mid:CAG2kNCxoPLDoFp-uM8f1Rda8rZt4uOBoe823sd_FepLgtjBK1w@mail.gmail.com"
        type="cite">
        <div dir="ltr">
          <div class="gmail_extra">
            <div class="gmail_quote">On Fri, Mar 6, 2015 at 4:40 PM,
              Rich Megginson <span dir="ltr"><<a
                  moz-do-not-send="true"
                  href="mailto:rmeggins@redhat.com" target="_blank">rmeggins@redhat.com</a>></span>
              wrote:<br>
              <blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
                <div bgcolor="#FFFFFF" text="#000000"><span class="">
                    <blockquote type="cite"><br>
                      <br>
                      [06/Mar/2015:21:51:15 +0700] conn=30 op=1 RESULT
                      err=0 tag=101 nentries=2 etime=0 notes=P<br>
                      [06/Mar/2015:21:51:15 +0700] conn=30 op=2 UNBIND<br>
                      [06/Mar/2015:21:51:15 +0700] conn=30 op=2 fd=99
                      closed - U1<br>
                      <br>
                      vCenter SSO error:<br>
                      Error: Idm client exception: Control not found<br>
                    </blockquote>
                    <br>
                  </span> There's no error log debug level which will
                  give us all of the controls received by the server or
                  all of the controls sent back by the server.  The
                  TRACE level will give us some information.<br>
                  <br>
                </div>
              </blockquote>
              <div><br>
              </div>
              <div><br>
              </div>
              <div>Could it be that the "Control not found" somehow
                related with "<span
                  style="color:rgb(0,0,0);white-space:pre-wrap">page
                  results control" as described in </span></div>
              <div><a moz-do-not-send="true"
                  href="https://bugzilla.redhat.com/show_bug.cgi?id=558099">https://bugzilla.redhat.com/show_bug.cgi?id=558099</a><br>
              </div>
            </div>
          </div>
        </div>
      </blockquote>
      <br>
      Could be.<br>
      <blockquote
cite="mid:CAG2kNCxoPLDoFp-uM8f1Rda8rZt4uOBoe823sd_FepLgtjBK1w@mail.gmail.com"
        type="cite">
        <div dir="ltr">
          <div class="gmail_extra">
            <div class="gmail_quote">
              <div><br>
              </div>
              <div>Is the "notes=P" in ipa logs a setting managed by the
                server or by the type of the query done by the client?</div>
            </div>
          </div>
        </div>
      </blockquote>
      <br>
      Yes.  It means the client is requesting a Simple Paged Search by
      using that control.<br>
      <br>
      <blockquote
cite="mid:CAG2kNCxoPLDoFp-uM8f1Rda8rZt4uOBoe823sd_FepLgtjBK1w@mail.gmail.com"
        type="cite">
        <div dir="ltr">
          <div class="gmail_extra">
            <div class="gmail_quote">
              <div>In my past IPA 3.3.3 logs I didn't find it at the end
                of the log line with nentries...</div>
            </div>
          </div>
        </div>
      </blockquote>
      <br>
      It has everything to do with the client.  The server has supported
      Simple Paged Search for a long time.  Perhaps some newer version
      of the client is requesting paged results?<br>
      <br>
      <br>
      <blockquote
cite="mid:CAG2kNCxoPLDoFp-uM8f1Rda8rZt4uOBoe823sd_FepLgtjBK1w@mail.gmail.com"
        type="cite">
        <div dir="ltr">
          <div class="gmail_extra">
            <div class="gmail_quote">
              <div>Just an attempt...  </div>
              <div><br>
              </div>
            </div>
          </div>
        </div>
      </blockquote>
      <br>
      One more thing - does vCenter work with another LDAP server, like
      openldap or active directory?  If so, try capturing a wireshark
      trace of a successful search operation, then capture a wireshark
      trace of a session using ipa, and we can compare them to see which
      controls the working server is sending back that ipa is not.<br>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
    </blockquote>
    <br>
    <div class="moz-signature">-- <br>
      Regards,<br>
      Herwono W Wijaya<br>
      <a class="moz-txt-link-freetext" href="https://linuxcoding.org">https://linuxcoding.org</a> | <b><a
href="https://communities.vmware.com/vexpert.jspa?src=vmw_so_vex_hwija_769&username=herwonowr">VMware
          vExpert 2014, 2015</a></b>
    </div>
  </body>
</html>