<div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Hi,<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">it seem that your schema doesn't match the defaults or you home some configuration issue. Could you please execute following and send us the output for your IPA setup?<br><br> ovirt-engine-extensions-tool --log-level=FINE aaa authz-fetch_principal_record --authz-flag=resolve-groups-recursive --authz-flag=resolve-groups --extension-name=<PROFILE-NAME> --principal-name=<USERNAME><br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">The above will search for a user by <USERNAME> and tries to fetch all groups he is member of.<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Btw you can test both "search users/groups" and "login a user" during aaa-ldap-setup tool (and it's recommended to do so) and the output from those commands should provide you the same details.<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Thanks<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Martin Perina<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jan 30, 2017 at 9:27 PM, Matt . <span dir="ltr"><<a href="mailto:yamakasi.014@gmail.com" target="_blank">yamakasi.014@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
When I do a ovirt-engine-extension-aaa-<wbr>ldap-setup and chose IPA the<br>
groups are shown but the users are not.<br>
<br>
When I chose 389ds, the users are shown but not the groups.<br>
<br>
Is something wrong with the FreeIPA implementation ? I'm on latest IPA<br>
4.4 version from Fedora<br>
<br>
Cheers,<br>
<br>
Matt<br>
______________________________<wbr>_________________<br>
Users mailing list<br>
<a href="mailto:Users@ovirt.org">Users@ovirt.org</a><br>
<a href="http://lists.ovirt.org/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.ovirt.org/<wbr>mailman/listinfo/users</a><br>
</blockquote></div><br></div>