<div dir="ltr"><div class="gmail_default" style="font-size:small">Seguindo a sugestão do Amador, fui para a versão 3.5 do oVirt já que na 3.4 não tive sucesso.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">Na nova versão, oVirt e FreeIpa trabalhando perfeitamente em conjunto.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">Abaixo a solução para a questão.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">Mais uma vez agradeço ao Amador, tanto pela sugestão quanto pela atenção, e ao Alon Bar que resolveu o problema.</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small">#####################################################</div><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"><span style="font-family:arial,sans-serif">Resolved  By &quot;Alon Bar-Lev&quot; &lt;</span><a href="mailto:alonbl@redhat.com" target="_blank" style="font-family:arial,sans-serif">alonbl@redhat.com</a><span style="font-family:arial,sans-serif">&gt;</span><br></div><div class="gmail_default" style="font-size:small"><div style="font-family:arial,sans-serif"><div class="adm"><div id="q_149668a55b9f0704_1" class="h4"><div class=""></div></div></div><div class="im"><div class="gmail_default"><br></div><div class="gmail_default"><br></div><div class="gmail_default"><span style="font-size:13px">1. install  ovirt-engine-extension-aaa-</span><span style="font-size:13px">ldap, it is available in ovirt-3.5-snapshots repository.</span><br style="font-size:13px"><br style="font-size:13px"><span style="font-size:13px">2. create /etc/ovirt-engine/extensions.</span><span style="font-size:13px">d/din.intranet-authz.</span><span style="font-size:13px">properties</span><br style="font-size:13px"><br style="font-size:13px"><a href="http://ovirt.engine.extension.name/" target="_blank" style="font-size:13px">ovirt.engine.extension.name</a><span style="font-size:13px"> = din-intranet-authz</span><br style="font-size:13px"><span style="font-size:13px">ovirt.engine.extension.</span><span style="font-size:13px">bindings.method = jbossmodule</span><br style="font-size:13px"><span style="font-size:13px">ovirt.engine.extension.</span><span style="font-size:13px">binding.jbossmodule.module = org.ovirt.engine-extensions.</span><span style="font-size:13px">aaa.ldap</span><br style="font-size:13px"><span style="font-size:13px">ovirt.engine.extension.</span><span style="font-size:13px">binding.jbossmodule.class = org.ovirt.engineextensions.</span><span style="font-size:13px">aaa.ldap.AuthzExtension</span><br style="font-size:13px"><span style="font-size:13px">ovirt.engine.extension.</span><span style="font-size:13px">provides = org.ovirt.engine.api.</span><span style="font-size:13px">extensions.aaa.Authz</span><br style="font-size:13px"><span style="font-size:13px">config.profile.file.1 = /etc/ovirt-engine/aaa/din.</span><span style="font-size:13px">intranet.properties</span><br style="font-size:13px"><br style="font-size:13px"><span style="font-size:13px">3. create /etc/ovirt-engine/extensions.</span><span style="font-size:13px">d/din.intranet-authn.</span><span style="font-size:13px">properties</span><br style="font-size:13px"><br style="font-size:13px"><a href="http://ovirt.engine.extension.name/" target="_blank" style="font-size:13px">ovirt.engine.extension.name</a><span style="font-size:13px"> = din-intranet-authn</span><br style="font-size:13px"><span style="font-size:13px">ovirt.engine.extension.</span><span style="font-size:13px">bindings.method = jbossmodule</span><br style="font-size:13px"><span style="font-size:13px">ovirt.engine.extension.</span><span style="font-size:13px">binding.jbossmodule.module = org.ovirt.engine-extensions.</span><span style="font-size:13px">aaa.ldap</span><br style="font-size:13px"><span style="font-size:13px">ovirt.engine.extension.</span><span style="font-size:13px">binding.jbossmodule.class = org.ovirt.engineextensions.</span><span style="font-size:13px">aaa.ldap.AuthnExtension</span><br style="font-size:13px"><span style="font-size:13px">ovirt.engine.extension.</span><span style="font-size:13px">provides = org.ovirt.engine.api.</span><span style="font-size:13px">extensions.aaa.Authn</span><br style="font-size:13px"><a href="http://ovirt.engine.aaa.authn.profile.name/" target="_blank" style="font-size:13px">ovirt.engine.aaa.authn.profile.name</a><span style="font-size:13px"> = din.intranet</span><br style="font-size:13px"><span style="font-size:13px">ovirt.engine.aaa.authn.authz.</span><span style="font-size:13px">plugin = din-intranet-authz</span><br style="font-size:13px"><span style="font-size:13px">config.profile.file.1 = /etc/ovirt-engine/aaa/din.</span><span style="font-size:13px">intranet.properties</span><br style="font-size:13px"><br style="font-size:13px"><span style="font-size:13px">4. create /etc/ovirt-engine/aaa/din.</span><span style="font-size:13px">intranet.properties</span><br style="font-size:13px"><br style="font-size:13px"><span style="font-size:13px">include = &lt;ipa.properties&gt;</span><br style="font-size:13px"><br style="font-size:13px"><span style="font-size:13px">vars.user = uid=admin,cn=users,cn=</span><span style="font-size:13px">accounts,dc=din,dc=intranet</span><br style="font-size:13px"><span style="font-size:13px">vars.password = 123456</span><br style="font-size:13px"><span style="font-size:13px">vars.server = ipa1.din.intranet</span><br style="font-size:13px"><br style="font-size:13px"><span style="font-size:13px">pool.default.serverset.single.</span><span style="font-size:13px">server = ${global:vars.server}</span><br style="font-size:13px"><span style="font-size:13px">pool.default.auth.simple.</span><span style="font-size:13px">bindDN = ${global:vars.user}</span><br style="font-size:13px"><span style="font-size:13px">pool.default.auth.simple.</span><span style="font-size:13px">password = ${global:vars.password}</span><br style="font-size:13px"><br style="font-size:13px"><span style="font-size:13px">5. restart engine.</span></div><div class="gmail_default"><span style="font-size:13px"><br></span></div><div class="gmail_default"><br></div></div></div></div><div class="gmail_extra"><br clear="all"><div><br></div>-- <br><div class="gmail_signature">Ao encaminhar esta mensagem, por favor:<br>1. Apague o meu e-mail e o meu nome.<br>2. Apague também os endereços dos amigos antes de reenviar<br>3. Use Cco ou Bcc para enviar mensagens!<br>Dificulte a disseminação de vírus e spam.</div>
</div></div>