[ovirt-users] Re: Ovirt-egine integration with OpenLDAP can't seem to find any users on Web-UI
On Thu, May 30, 2019 at 12:02 PM <rubennunes12(a)gmail.com> wrote:
1 - I'm using option 9, but i already tried the users that i have on the
ldap a none seems to work to bind.
I think this is the first thing to have working, before going ahead
I see that you put an option like this in your profile2.properties...
vars.user = ou=People,dc=lab,dc=local
And you should know the exact layout of your ldap tree...
Can you try something like this, supposing you have node1 user in your ldap
server:
ldapsearch -x -b "ou=People,dc=lab,dc=local" -s sub -H 192.168.16.114 -p
389 -D "uid=node1,ou=People,dc=lab,dc=local" -W 'uid=node1'
Eventually substitute the 2 occurrences of node1 with ldapadm in the
command above and its related password when prompted for now, just to check
2 - I was trying the 2 diferent aproaches by ip and hostname.
OK. But if the hostname is not resolved, for sure it will not work
3 - The ldapadm is supose to be the LDAP Manager so my point is to bind
that user.
It is not a good idea to use the manager to bind. Also because you don't
have SSL/TLS setup and so one could sniff and see its password in clear and
compromise your ldap server
Only need to create on ldap side a user that can serch through users and
groups and no particular privileges
4 - None of the profiles seems to work both of them don't show on the
web-ui of the ovirt, the diference is that one is in production and another
ias a lab test.
ok. Let's concentrate on one profile and when solved implement on the
other
one...
5 - My OpenLDAP doens't have certificate associated to him.
See above, reason to not use the superuser to bind.
Gianluca
Attachments:
- attachment.html (text/html — 2.8 KB)