<div dir="ltr"><div class="gmail_default" style="font-size:small"><br></div><div class="gmail_default" style="font-size:small"><div class="gmail_default">Below the solution. Resolved  By &quot;Alon Bar-Lev&quot; &lt;<a href="mailto:alonbl@redhat.com">alonbl@redhat.com</a>&gt;</div><div class="gmail_default"><br></div><div class="gmail_default"><br></div><div class="gmail_default"><span style="font-family:arial,sans-serif;font-size:13px">1. install  ovirt-engine-extension-aaa-</span><span style="font-family:arial,sans-serif;font-size:13px">ldap, it is available in ovirt-3.5-snapshots repository.</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">2. create /etc/ovirt-engine/extensions.</span><span style="font-family:arial,sans-serif;font-size:13px">d/din.intranet-authz.</span><span style="font-family:arial,sans-serif;font-size:13px">properties</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><a href="http://ovirt.engine.extension.name/" target="_blank" style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.name</a><span style="font-family:arial,sans-serif;font-size:13px"> = din-intranet-authz</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.</span><span style="font-family:arial,sans-serif;font-size:13px">bindings.method = jbossmodule</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.</span><span style="font-family:arial,sans-serif;font-size:13px">binding.jbossmodule.module = org.ovirt.engine-extensions.</span><span style="font-family:arial,sans-serif;font-size:13px">aaa.ldap</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.</span><span style="font-family:arial,sans-serif;font-size:13px">binding.jbossmodule.class = org.ovirt.engineextensions.</span><span style="font-family:arial,sans-serif;font-size:13px">aaa.ldap.AuthzExtension</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.</span><span style="font-family:arial,sans-serif;font-size:13px">provides = org.ovirt.engine.api.</span><span style="font-family:arial,sans-serif;font-size:13px">extensions.aaa.Authz</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">config.profile.file.1 = /etc/ovirt-engine/aaa/din.</span><span style="font-family:arial,sans-serif;font-size:13px">intranet.properties</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">3. create /etc/ovirt-engine/extensions.</span><span style="font-family:arial,sans-serif;font-size:13px">d/din.intranet-authn.</span><span style="font-family:arial,sans-serif;font-size:13px">properties</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><a href="http://ovirt.engine.extension.name/" target="_blank" style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.name</a><span style="font-family:arial,sans-serif;font-size:13px"> = din-intranet-authn</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.</span><span style="font-family:arial,sans-serif;font-size:13px">bindings.method = jbossmodule</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.</span><span style="font-family:arial,sans-serif;font-size:13px">binding.jbossmodule.module = org.ovirt.engine-extensions.</span><span style="font-family:arial,sans-serif;font-size:13px">aaa.ldap</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.</span><span style="font-family:arial,sans-serif;font-size:13px">binding.jbossmodule.class = org.ovirt.engineextensions.</span><span style="font-family:arial,sans-serif;font-size:13px">aaa.ldap.AuthnExtension</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.extension.</span><span style="font-family:arial,sans-serif;font-size:13px">provides = org.ovirt.engine.api.</span><span style="font-family:arial,sans-serif;font-size:13px">extensions.aaa.Authn</span><br style="font-family:arial,sans-serif;font-size:13px"><a href="http://ovirt.engine.aaa.authn.profile.name/" target="_blank" style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.aaa.authn.profile.name</a><span style="font-family:arial,sans-serif;font-size:13px"> = din.intranet</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">ovirt.engine.aaa.authn.authz.</span><span style="font-family:arial,sans-serif;font-size:13px">plugin = din-intranet-authz</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">config.profile.file.1 = /etc/ovirt-engine/aaa/din.</span><span style="font-family:arial,sans-serif;font-size:13px">intranet.properties</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">4. create /etc/ovirt-engine/aaa/din.</span><span style="font-family:arial,sans-serif;font-size:13px">intranet.properties</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">include = &lt;ipa.properties&gt;</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">vars.user = uid=admin,cn=users,cn=</span><span style="font-family:arial,sans-serif;font-size:13px">accounts,dc=din,dc=intranet</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">vars.password = 123456</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">vars.server = ipa1.din.intranet</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">pool.default.serverset.single.</span><span style="font-family:arial,sans-serif;font-size:13px">server = ${global:vars.server}</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">pool.default.auth.simple.</span><span style="font-family:arial,sans-serif;font-size:13px">bindDN = ${global:vars.user}</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">pool.default.auth.simple.</span><span style="font-family:arial,sans-serif;font-size:13px">password = ${global:vars.password}</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">5. restart engine.</span></div><div class="gmail_default"><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div class="gmail_default"><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div class="gmail_default"><span style="font-family:arial,sans-serif;font-size:13px">Thanks a lot Alon.</span></div></div><div class="gmail_extra"><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature">Ao encaminhar esta mensagem, por favor:<br>1. Apague o meu e-mail e o meu nome.<br>2. Apague também os endereços dos amigos antes de reenviar<br>3. Use Cco ou Bcc para enviar mensagens!<br>Dificulte a disseminação de vírus e spam.</div>
</div></div>