<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">Legal Marcelo,<br>
      <br>
      Depois do ultimo update do IPA, ele parou de funcionar para o
      oVirt 3.4. O oVirt 3.4 tinha os métodos de acesso hard-coded,
      dificultando a alteração de qualquer método de conexão. Com o
      oVirt 3.5 e a nova estrutura de AAA que o Alon desenvolveu, que
      permite adicionarmos qualquer provedor de autenticação e
      customizar da forma que precisarmos, o oVirt ficou bem mais
      flexível. <br>
      <br>
      Ótimo que isso resolveu seu problema. Você se importa de escrever
      um post sobre isso? Podemos colocar na wiki do projeto.<br>
      <br>
      On 10/31/2014 10:56 AM, Marcelo Donato wrote:<br>
    </div>
    <blockquote
cite="mid:CAPaMSciyyb4_0EidtC=903myuozZmcRuQYt1rMGsvCWcUdzDRQ@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div class="gmail_default" style="font-size:small">Seguindo a
          sugestão do Amador, fui para a versão 3.5 do oVirt já que na
          3.4 não tive sucesso.</div>
        <div class="gmail_default" style="font-size:small"><br>
        </div>
        <div class="gmail_default" style="font-size:small">Na nova
          versão, oVirt e FreeIpa trabalhando perfeitamente em conjunto.</div>
        <div class="gmail_default" style="font-size:small"><br>
        </div>
        <div class="gmail_default" style="font-size:small">Abaixo a
          solução para a questão.</div>
        <div class="gmail_default" style="font-size:small"><br>
        </div>
        <div class="gmail_default" style="font-size:small">Mais uma vez
          agradeço ao Amador, tanto pela sugestão quanto pela atenção, e
          ao Alon Bar que resolveu o problema.</div>
        <div class="gmail_default" style="font-size:small"><br>
        </div>
        <div class="gmail_default" style="font-size:small">#####################################################</div>
        <div class="gmail_default" style="font-size:small"><br>
        </div>
        <div class="gmail_default" style="font-size:small"><span
            style="font-family:arial,sans-serif">Resolved  By "Alon
            Bar-Lev" &lt;</span><a moz-do-not-send="true"
            href="mailto:alonbl@redhat.com" target="_blank"
            style="font-family:arial,sans-serif">alonbl@redhat.com</a><span
            style="font-family:arial,sans-serif">&gt;</span><br>
        </div>
        <div class="gmail_default" style="font-size:small">
          <div style="font-family:arial,sans-serif">
            <div class="im">
              <div class="gmail_default"><br>
              </div>
              <div class="gmail_default"><br>
              </div>
              <div class="gmail_default"><span style="font-size:13px">1.
                  install  ovirt-engine-extension-aaa-</span><span
                  style="font-size:13px">ldap, it is available in
                  ovirt-3.5-snapshots repository.</span><br
                  style="font-size:13px">
                <br style="font-size:13px">
                <span style="font-size:13px">2. create
                  /etc/ovirt-engine/extensions.</span><span
                  style="font-size:13px">d/din.intranet-authz.</span><span
                  style="font-size:13px">properties</span><br
                  style="font-size:13px">
                <br style="font-size:13px">
                <a moz-do-not-send="true"
                  href="http://ovirt.engine.extension.name/"
                  target="_blank" style="font-size:13px">ovirt.engine.extension.name</a><span
                  style="font-size:13px"> = din-intranet-authz</span><br
                  style="font-size:13px">
                <span style="font-size:13px">ovirt.engine.extension.</span><span
                  style="font-size:13px">bindings.method = jbossmodule</span><br
                  style="font-size:13px">
                <span style="font-size:13px">ovirt.engine.extension.</span><span
                  style="font-size:13px">binding.jbossmodule.module =
                  org.ovirt.engine-extensions.</span><span
                  style="font-size:13px">aaa.ldap</span><br
                  style="font-size:13px">
                <span style="font-size:13px">ovirt.engine.extension.</span><span
                  style="font-size:13px">binding.jbossmodule.class =
                  org.ovirt.engineextensions.</span><span
                  style="font-size:13px">aaa.ldap.AuthzExtension</span><br
                  style="font-size:13px">
                <span style="font-size:13px">ovirt.engine.extension.</span><span
                  style="font-size:13px">provides =
                  org.ovirt.engine.api.</span><span
                  style="font-size:13px">extensions.aaa.Authz</span><br
                  style="font-size:13px">
                <span style="font-size:13px">config.profile.file.1 =
                  /etc/ovirt-engine/aaa/din.</span><span
                  style="font-size:13px">intranet.properties</span><br
                  style="font-size:13px">
                <br style="font-size:13px">
                <span style="font-size:13px">3. create
                  /etc/ovirt-engine/extensions.</span><span
                  style="font-size:13px">d/din.intranet-authn.</span><span
                  style="font-size:13px">properties</span><br
                  style="font-size:13px">
                <br style="font-size:13px">
                <a moz-do-not-send="true"
                  href="http://ovirt.engine.extension.name/"
                  target="_blank" style="font-size:13px">ovirt.engine.extension.name</a><span
                  style="font-size:13px"> = din-intranet-authn</span><br
                  style="font-size:13px">
                <span style="font-size:13px">ovirt.engine.extension.</span><span
                  style="font-size:13px">bindings.method = jbossmodule</span><br
                  style="font-size:13px">
                <span style="font-size:13px">ovirt.engine.extension.</span><span
                  style="font-size:13px">binding.jbossmodule.module =
                  org.ovirt.engine-extensions.</span><span
                  style="font-size:13px">aaa.ldap</span><br
                  style="font-size:13px">
                <span style="font-size:13px">ovirt.engine.extension.</span><span
                  style="font-size:13px">binding.jbossmodule.class =
                  org.ovirt.engineextensions.</span><span
                  style="font-size:13px">aaa.ldap.AuthnExtension</span><br
                  style="font-size:13px">
                <span style="font-size:13px">ovirt.engine.extension.</span><span
                  style="font-size:13px">provides =
                  org.ovirt.engine.api.</span><span
                  style="font-size:13px">extensions.aaa.Authn</span><br
                  style="font-size:13px">
                <a moz-do-not-send="true"
                  href="http://ovirt.engine.aaa.authn.profile.name/"
                  target="_blank" style="font-size:13px">ovirt.engine.aaa.authn.profile.name</a><span
                  style="font-size:13px"> = din.intranet</span><br
                  style="font-size:13px">
                <span style="font-size:13px">ovirt.engine.aaa.authn.authz.</span><span
                  style="font-size:13px">plugin = din-intranet-authz</span><br
                  style="font-size:13px">
                <span style="font-size:13px">config.profile.file.1 =
                  /etc/ovirt-engine/aaa/din.</span><span
                  style="font-size:13px">intranet.properties</span><br
                  style="font-size:13px">
                <br style="font-size:13px">
                <span style="font-size:13px">4. create
                  /etc/ovirt-engine/aaa/din.</span><span
                  style="font-size:13px">intranet.properties</span><br
                  style="font-size:13px">
                <br style="font-size:13px">
                <span style="font-size:13px">include =
                  &lt;ipa.properties&gt;</span><br
                  style="font-size:13px">
                <br style="font-size:13px">
                <span style="font-size:13px">vars.user =
                  uid=admin,cn=users,cn=</span><span
                  style="font-size:13px">accounts,dc=din,dc=intranet</span><br
                  style="font-size:13px">
                <span style="font-size:13px">vars.password = 123456</span><br
                  style="font-size:13px">
                <span style="font-size:13px">vars.server =
                  ipa1.din.intranet</span><br style="font-size:13px">
                <br style="font-size:13px">
                <span style="font-size:13px">pool.default.serverset.single.</span><span
                  style="font-size:13px">server = ${global:vars.server}</span><br
                  style="font-size:13px">
                <span style="font-size:13px">pool.default.auth.simple.</span><span
                  style="font-size:13px">bindDN = ${global:vars.user}</span><br
                  style="font-size:13px">
                <span style="font-size:13px">pool.default.auth.simple.</span><span
                  style="font-size:13px">password =
                  ${global:vars.password}</span><br
                  style="font-size:13px">
                <br style="font-size:13px">
                <span style="font-size:13px">5. restart engine.</span></div>
              <div class="gmail_default"><span style="font-size:13px"><br>
                </span></div>
              <div class="gmail_default"><br>
              </div>
            </div>
          </div>
        </div>
        <div class="gmail_extra"><br clear="all">
          <div><br>
          </div>
          -- <br>
          <div class="gmail_signature">Ao encaminhar esta mensagem, por
            favor:<br>
            1. Apague o meu e-mail e o meu nome.<br>
            2. Apague também os endereços dos amigos antes de reenviar<br>
            3. Use Cco ou Bcc para enviar mensagens!<br>
            Dificulte a disseminação de vírus e spam.</div>
        </div>
      </div>
    </blockquote>
    <br>
  </body>
</html>