<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Wed, Dec 10, 2014 at 5:43 PM, Alon Bar-Lev <span dir="ltr"><<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><br>
I suggest to install the new provider which does not require kerberos and much easier to customize / problem determination.<br>
<br>
<a href="http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD" target="_blank">http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD</a><br>
<div class=""><div class="h5"><br><br>
</div></div></blockquote></div><br></div><div class="gmail_extra">From what I read in your link it seems far from intuitive from an oVirt admin point of view who probably doesn't know ldap/IPA so in depth... authn and authz concepts overlap with related files and I have not understood how many files I have to add and if <span style="color:rgb(0,0,0);font-family:monospace;font-size:12px;white-space:pre">@AUTHZ_NAME@ and </span><span style="color:rgb(0,0,0);font-family:monospace;font-size:12px;white-space:pre">@AUTHN_NAME@</span> are the same string for a fixed IPA server or not...</div><div class="gmail_extra">also reading</div><div class="gmail_extra"><a href="http://www.ovirt.org/Features/AAA">http://www.ovirt.org/Features/AAA</a><br></div><div class="gmail_extra">doesn't clarify at least based my knowledge of ladap in general and IPA in particular (that is not so much...)</div><div class="gmail_extra"><br></div><div class="gmail_extra">Previsously I "only" had to run</div><div class="gmail_extra">engine-manage-domains add --domain=localdomain.local --provider=ipa --user=admin<br></div><div class="gmail_extra"><br></div><div class="gmail_extra">and my configured IPA 3.0 worked without any problem...</div><div class="gmail_extra"> </div><div class="gmail_extra">Can you detail what would be the structure of files under /etc/ovirt-engine/extensions.d/ ?</div><div class="gmail_extra">Or anyone already configured with IPA and has a working example of files?</div><div class="gmail_extra"><br></div><div class="gmail_extra">Gianluca</div></div>