<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Legal Marcelo,<br>
<br>
Depois do ultimo update do IPA, ele parou de funcionar para o
oVirt 3.4. O oVirt 3.4 tinha os métodos de acesso hard-coded,
dificultando a alteração de qualquer método de conexão. Com o
oVirt 3.5 e a nova estrutura de AAA que o Alon desenvolveu, que
permite adicionarmos qualquer provedor de autenticação e
customizar da forma que precisarmos, o oVirt ficou bem mais
flexível. <br>
<br>
Ótimo que isso resolveu seu problema. Você se importa de escrever
um post sobre isso? Podemos colocar na wiki do projeto.<br>
<br>
On 10/31/2014 10:56 AM, Marcelo Donato wrote:<br>
</div>
<blockquote
cite="mid:CAPaMSciyyb4_0EidtC=903myuozZmcRuQYt1rMGsvCWcUdzDRQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_default" style="font-size:small">Seguindo a
sugestão do Amador, fui para a versão 3.5 do oVirt já que na
3.4 não tive sucesso.</div>
<div class="gmail_default" style="font-size:small"><br>
</div>
<div class="gmail_default" style="font-size:small">Na nova
versão, oVirt e FreeIpa trabalhando perfeitamente em conjunto.</div>
<div class="gmail_default" style="font-size:small"><br>
</div>
<div class="gmail_default" style="font-size:small">Abaixo a
solução para a questão.</div>
<div class="gmail_default" style="font-size:small"><br>
</div>
<div class="gmail_default" style="font-size:small">Mais uma vez
agradeço ao Amador, tanto pela sugestão quanto pela atenção, e
ao Alon Bar que resolveu o problema.</div>
<div class="gmail_default" style="font-size:small"><br>
</div>
<div class="gmail_default" style="font-size:small">#####################################################</div>
<div class="gmail_default" style="font-size:small"><br>
</div>
<div class="gmail_default" style="font-size:small"><span
style="font-family:arial,sans-serif">Resolved By "Alon
Bar-Lev" <</span><a moz-do-not-send="true"
href="mailto:alonbl@redhat.com" target="_blank"
style="font-family:arial,sans-serif">alonbl@redhat.com</a><span
style="font-family:arial,sans-serif">></span><br>
</div>
<div class="gmail_default" style="font-size:small">
<div style="font-family:arial,sans-serif">
<div class="im">
<div class="gmail_default"><br>
</div>
<div class="gmail_default"><br>
</div>
<div class="gmail_default"><span style="font-size:13px">1.
install ovirt-engine-extension-aaa-</span><span
style="font-size:13px">ldap, it is available in
ovirt-3.5-snapshots repository.</span><br
style="font-size:13px">
<br style="font-size:13px">
<span style="font-size:13px">2. create
/etc/ovirt-engine/extensions.</span><span
style="font-size:13px">d/din.intranet-authz.</span><span
style="font-size:13px">properties</span><br
style="font-size:13px">
<br style="font-size:13px">
<a moz-do-not-send="true"
href="http://ovirt.engine.extension.name/"
target="_blank" style="font-size:13px">ovirt.engine.extension.name</a><span
style="font-size:13px"> = din-intranet-authz</span><br
style="font-size:13px">
<span style="font-size:13px">ovirt.engine.extension.</span><span
style="font-size:13px">bindings.method = jbossmodule</span><br
style="font-size:13px">
<span style="font-size:13px">ovirt.engine.extension.</span><span
style="font-size:13px">binding.jbossmodule.module =
org.ovirt.engine-extensions.</span><span
style="font-size:13px">aaa.ldap</span><br
style="font-size:13px">
<span style="font-size:13px">ovirt.engine.extension.</span><span
style="font-size:13px">binding.jbossmodule.class =
org.ovirt.engineextensions.</span><span
style="font-size:13px">aaa.ldap.AuthzExtension</span><br
style="font-size:13px">
<span style="font-size:13px">ovirt.engine.extension.</span><span
style="font-size:13px">provides =
org.ovirt.engine.api.</span><span
style="font-size:13px">extensions.aaa.Authz</span><br
style="font-size:13px">
<span style="font-size:13px">config.profile.file.1 =
/etc/ovirt-engine/aaa/din.</span><span
style="font-size:13px">intranet.properties</span><br
style="font-size:13px">
<br style="font-size:13px">
<span style="font-size:13px">3. create
/etc/ovirt-engine/extensions.</span><span
style="font-size:13px">d/din.intranet-authn.</span><span
style="font-size:13px">properties</span><br
style="font-size:13px">
<br style="font-size:13px">
<a moz-do-not-send="true"
href="http://ovirt.engine.extension.name/"
target="_blank" style="font-size:13px">ovirt.engine.extension.name</a><span
style="font-size:13px"> = din-intranet-authn</span><br
style="font-size:13px">
<span style="font-size:13px">ovirt.engine.extension.</span><span
style="font-size:13px">bindings.method = jbossmodule</span><br
style="font-size:13px">
<span style="font-size:13px">ovirt.engine.extension.</span><span
style="font-size:13px">binding.jbossmodule.module =
org.ovirt.engine-extensions.</span><span
style="font-size:13px">aaa.ldap</span><br
style="font-size:13px">
<span style="font-size:13px">ovirt.engine.extension.</span><span
style="font-size:13px">binding.jbossmodule.class =
org.ovirt.engineextensions.</span><span
style="font-size:13px">aaa.ldap.AuthnExtension</span><br
style="font-size:13px">
<span style="font-size:13px">ovirt.engine.extension.</span><span
style="font-size:13px">provides =
org.ovirt.engine.api.</span><span
style="font-size:13px">extensions.aaa.Authn</span><br
style="font-size:13px">
<a moz-do-not-send="true"
href="http://ovirt.engine.aaa.authn.profile.name/"
target="_blank" style="font-size:13px">ovirt.engine.aaa.authn.profile.name</a><span
style="font-size:13px"> = din.intranet</span><br
style="font-size:13px">
<span style="font-size:13px">ovirt.engine.aaa.authn.authz.</span><span
style="font-size:13px">plugin = din-intranet-authz</span><br
style="font-size:13px">
<span style="font-size:13px">config.profile.file.1 =
/etc/ovirt-engine/aaa/din.</span><span
style="font-size:13px">intranet.properties</span><br
style="font-size:13px">
<br style="font-size:13px">
<span style="font-size:13px">4. create
/etc/ovirt-engine/aaa/din.</span><span
style="font-size:13px">intranet.properties</span><br
style="font-size:13px">
<br style="font-size:13px">
<span style="font-size:13px">include =
<ipa.properties></span><br
style="font-size:13px">
<br style="font-size:13px">
<span style="font-size:13px">vars.user =
uid=admin,cn=users,cn=</span><span
style="font-size:13px">accounts,dc=din,dc=intranet</span><br
style="font-size:13px">
<span style="font-size:13px">vars.password = 123456</span><br
style="font-size:13px">
<span style="font-size:13px">vars.server =
ipa1.din.intranet</span><br style="font-size:13px">
<br style="font-size:13px">
<span style="font-size:13px">pool.default.serverset.single.</span><span
style="font-size:13px">server = ${global:vars.server}</span><br
style="font-size:13px">
<span style="font-size:13px">pool.default.auth.simple.</span><span
style="font-size:13px">bindDN = ${global:vars.user}</span><br
style="font-size:13px">
<span style="font-size:13px">pool.default.auth.simple.</span><span
style="font-size:13px">password =
${global:vars.password}</span><br
style="font-size:13px">
<br style="font-size:13px">
<span style="font-size:13px">5. restart engine.</span></div>
<div class="gmail_default"><span style="font-size:13px"><br>
</span></div>
<div class="gmail_default"><br>
</div>
</div>
</div>
</div>
<div class="gmail_extra"><br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature">Ao encaminhar esta mensagem, por
favor:<br>
1. Apague o meu e-mail e o meu nome.<br>
2. Apague também os endereços dos amigos antes de reenviar<br>
3. Use Cco ou Bcc para enviar mensagens!<br>
Dificulte a disseminação de vírus e spam.</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>