Re: [ovirt-users] oVirt 3.5 and FreeIpa

Thursday, 22 January 2015

This is a multi-part message in MIME format.

------------MIME-295668495-1198010832-delim
Content-Type: text/plain;
	charset="utf-8"
Content-Transfer-Encoding: quoted-printable

On 01/22/2015 01=3A13 PM=2C Alon Bar-Lev wrote=3A
=3E
=3E ----- Original Message -----
=3E=3E From=3A =22Jorick Astrego=22 =3Cj=2Eastrego=40netbulae=2Eeu=3E
=3E=3E To=3A users=40ovirt=2Eorg
=3E=3E Sent=3A Thursday=2C January 22=2C 2015 2=3A09=3A18 PM
=3E=3E Subject=3A Re=3A =5Bovirt-users=5D oVirt 3=2E5 and FreeIpa
=3E=3E
=3E=3E
=3E=3E On 01/22/2015 12=3A59 PM=2C Alon Bar-Lev wrote=3A
=3E=3E=3E ----- Original Message -----
=3E=3E=3E=3E From=3A =22Jorick Astrego=22 =3Cj=2Eastrego=40 netbulae=2Eeu=
 =3E
=3E=3E=3E=3E To=3A users=40 ovirt=2Eorg
=3E=3E=3E=3E Sent=3A Thursday=2C January 22=2C 2015 1=3A41=3A40 PM
=3E=3E=3E=3E Subject=3A Re=3A =5Bovirt-users=5D oVirt 3=2E5 and FreeIpa
=3E=3E=3E=3E
=3E=3E=3E=3E
=3E=3E=3E=3E On 10/31/2014 02=3A47 PM=2C Marcelo Donato wrote=3A
=3E=3E=3E=3E
=3E=3E=3E=3E
=3E=3E=3E=3E
=3E=3E=3E=3E
=3E=3E=3E=3E Below the solution=2E Resolved By =22Alon Bar-Lev=22 =3C alonb=
l=40 redhat=2Ecom =3E
=3E=3E=3E=3E
=3E=3E=3E=3E
=3E=3E=3E=3E 1=2E install ovirt-engine-extension-aaa- ldap=2C it is availab=
le in
=3E=3E=3E=3E ovirt-3=2E5-snapshots repository=2E
=3E=3E=3E=3E
=3E=3E=3E=3E 2=2E create /etc/ovirt-engine/extensions=2E d/din=2Eintranet-a=
uthz=2E properties
=3E=3E=3E=3E
=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2Ename =3D din-intranet-authz
=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2E bindings=2Emethod =3D jbossmodul=
e
=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2E binding=2Ejbossmodule=2Emodule=
 =3D
=3E=3E=3E=3E org=2Eovirt=2Eengine-extensions=2E aaa=2Eldap
=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2E binding=2Ejbossmodule=2Eclass=20=
=3D
=3E=3E=3E=3E org=2Eovirt=2Eengineextensions=2E aaa=2Eldap=2EAuthzExtension=

=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2E provides =3D org=2Eovirt=2Eengin=
e=2Eapi=2E
=3E=3E=3E=3E extensions=2Eaaa=2EAuthz
=3E=3E=3E=3E config=2Eprofile=2Efile=2E1 =3D /etc/ovirt-engine/aaa/din=2E i=
ntranet=2Eproperties
=3E=3E=3E=3E
=3E=3E=3E=3E 3=2E create /etc/ovirt-engine/extensions=2E d/din=2Eintranet-a=
uthn=2E properties
=3E=3E=3E=3E
=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2Ename =3D din-intranet-authn
=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2E bindings=2Emethod =3D jbossmodul=
e
=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2E binding=2Ejbossmodule=2Emodule=
 =3D
=3E=3E=3E=3E org=2Eovirt=2Eengine-extensions=2E aaa=2Eldap
=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2E binding=2Ejbossmodule=2Eclass=20=
=3D
=3E=3E=3E=3E org=2Eovirt=2Eengineextensions=2E aaa=2Eldap=2EAuthnExtension=

=3E=3E=3E=3E ovirt=2Eengine=2Eextension=2E provides =3D org=2Eovirt=2Eengin=
e=2Eapi=2E
=3E=3E=3E=3E extensions=2Eaaa=2EAuthn
=3E=3E=3E=3E ovirt=2Eengine=2Eaaa=2Eauthn=2Eprofile=2Ename =3D din=2Eintran=
et
=3E=3E=3E=3E ovirt=2Eengine=2Eaaa=2Eauthn=2Eauthz=2E plugin =3D din-intrane=
t-authz
=3E=3E=3E=3E config=2Eprofile=2Efile=2E1 =3D /etc/ovirt-engine/aaa/din=2E i=
ntranet=2Eproperties
=3E=3E=3E=3E
=3E=3E=3E=3E 4=2E create /etc/ovirt-engine/aaa/din=2E intranet=2Eproperties=

=3E=3E=3E=3E
=3E=3E=3E=3E include =3D =3Cipa=2Eproperties=3E
=3E=3E=3E=3E
=3E=3E=3E=3E vars=2Euser =3D uid=3Dadmin=2Ccn=3Dusers=2Ccn=3D accounts=2Cdc=
=3Ddin=2Cdc=3Dintranet
=3E=3E=3E=3E vars=2Epassword =3D 123456
=3E=3E=3E=3E vars=2Eserver =3D ipa1=2Edin=2Eintranet
=3E=3E=3E=3E
=3E=3E=3E=3E pool=2Edefault=2Eserverset=2Esingle=2E server =3D =24=7Bglobal=
=3Avars=2Eserver=7D
=3E=3E=3E=3E pool=2Edefault=2Eauth=2Esimple=2E bindDN =3D =24=7Bglobal=3Ava=
rs=2Euser=7D
=3E=3E=3E=3E pool=2Edefault=2Eauth=2Esimple=2E password =3D =24=7Bglobal=3A=
vars=2Epassword=7D
=3E=3E=3E=3E
=3E=3E=3E=3E 5=2E restart engine=2E
=3E=3E=3E=3E
=3E=3E=3E=3E
=3E=3E=3E=3E Thanks a lot Alon=2E
=3E=3E=3E=3E
=3E=3E=3E=3E
=3E=3E=3E=3E
=3E=3E=3E=3E Thanks for this=2C saved me some time!
=3E=3E=3E=3E
=3E=3E=3E=3E Just a couple of addtions=2C please hash the password with SSH=
A =28I really
=3E=3E=3E=3E hate
=3E=3E=3E=3E plain text admin passwords=2E=2E=2E=29
=3E=3E=3E=3E I tried putting an =7BSSHA=7D encoded password in =22 vars=2Ep=
assword =3D=22 =2C but it
=3E=3E=3E=3E fails to authenticate while plain text works fine=2E
=3E=3E=3E I am unsure I understand=2E
=3E=3E=3E using hash to store password hint at server side makes sense=2E=

=3E=3E=3E but using hash to store password at client side does not makes se=
ns=2C this
=3E=3E=3E means that if I get the server database I can authenticate to any=
 user
=3E=3E=3E without knowing his password=2E
=3E=3E=3E
=3E=3E=3E Also=2C please note that the user you specify within configuratio=
n should not
=3E=3E=3E have any special privilege but to query public objects within lda=
p=2E
=3E=3E I don=27t like storing plain text in textfiles=2C so I try to avoid=
 it=2E Even
=3E=3E if it is a read only user there are no =22public=22 objects that I l=
ike to
=3E=3E expose to anyone=2E I can query groups=2C group members=2C e-mail ad=
dresses=2C
=3E=3E krbPasswordExpiration=2C krbLastPwdChange etc=2E with this user=2E=

=3E=3E
=3E=3E So that=27s why I try to have the bind user password hashed in the=

=3E=3E properties file=2E
=3E as I wrote above=2C storing hash instead of password does not enhance s=
ecurity=2E
=3E it is the same as if you just set the user=27s password to the hash=2E=

Ah yes=2C silly me=2E You are absolutely right=2E It has been such a long=

habit=2E=2E=2E But it does help when people intercept the traffic=2E Does t=
he
ldap plugin send it hashed to the ldap server=3F

I think FreeIPA supports salted sha512 but I=27m not entirely sure=2E

You=27ll probably say that I need to enable TLS=2C but there have been many=

weaknesses in ssl and MITM issues=2E So more is always better in a
security perspective=2E

Met vriendelijke groet=2C With kind regards=2C

Jorick Astrego

Netbulae Virtualization Experts=20

----------------

=09Tel=3A 053 20 30 270 =09info=40netbulae=2Eeu =09Staalsteden 4-3A =09KvK=
 08198180
 =09Fax=3A 053 20 30 271 =09www=2Enetbulae=2Eeu =097547 TA Enschede =09BTW=
 NL821234584B01

----------------

------------MIME-295668495-1198010832-delim
Content-Type: text/html;
	charset="utf-8"
Content-Transfer-Encoding: quoted-printable

=3Chtml=3E
=3Cbody=3E
&#13;<br>
On 01/22/2015 01:13 PM, Alon Bar-Lev wrote:&#13;<br>
<font color=3D"#000000">&gt;&#13;</font><br>
<font color=3D"#000000">&gt; ----- Original Message
-----&#13;</font><br>
<font color=3D"#000000">&gt;&gt; From: &quot;Jorick
Astrego&quot; &lt;j.ast=
rego@<a
href=3D"mailto:netbulae.eu">netbulae.eu</a>&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt; To: users@<a
href=3D"mailto:ovirt.org">ovi=
rt.org</a>&#13;</font><br>
<font color=3D"#000000">&gt;&gt; Sent: Thursday, January 22, 2015
2:09:18 P=
M&#13;</font><br>
<font color=3D"#000000">&gt;&gt; Subject: Re: [ovirt-users] oVirt
3.5 and F=
reeIpa&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt; On 01/22/2015 12:59 PM, Alon
Bar-Lev wrote=
:&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt; ----- Original Message
-----&#13;</fon=
t><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; From:
&quot;Jorick Astrego&quot; &=
lt;j.astrego@ netbulae.eu &gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; To: users@
ovirt.org&#13;</font><b=
r>
<font color=3D"#000000">&gt;&gt;&gt;&gt; Sent: Thursday,
January 22, 2015 1=
:41:40 PM&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; Subject: Re:
[ovirt-users] oVirt 3=
.5 and FreeIpa&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; On 10/31/2014
02:47 PM, Marcelo Do=
nato wrote:&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; Below the
solution. Resolved By &q=
uot;Alon Bar-Lev&quot; &lt; alonbl@ redhat.com
&gt;&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; 1. install
ovirt-engine-extension-=
aaa- ldap, it is available in&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt-3.5-snapshots repository.&#1=
3;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; 2. create
/etc/ovirt-engine/extens=
ions. d/din.intranet-authz. properties&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension.name =3D di=
n-intranet-authz&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension. bindings.m=
ethod =3D jbossmodule&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension. binding.jb=
ossmodule.module =3D&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
org.ovirt.engine-extensions. aaa.l=
dap&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension. binding.jb=
ossmodule.class =3D&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
org.ovirt.engineextensions. aaa.ld=
ap.AuthzExtension&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension. provides =
=3D org.ovirt.engine.api.&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
extensions.aaa.Authz&#13;</font><b=
r>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
config.profile.file.1 =3D /etc/ovi=
rt-engine/aaa/din. intranet.properties&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; 3. create
/etc/ovirt-engine/extens=
ions. d/din.intranet-authn. properties&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension.name =3D di=
n-intranet-authn&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension. bindings.m=
ethod =3D jbossmodule&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension. binding.jb=
ossmodule.module =3D&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
org.ovirt.engine-extensions. aaa.l=
dap&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension. binding.jb=
ossmodule.class =3D&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
org.ovirt.engineextensions. aaa.ld=
ap.AuthnExtension&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.extension. provides =
=3D org.ovirt.engine.api.&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
extensions.aaa.Authn&#13;</font><b=
r>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.aaa.authn.profile.nam=
e =3D din.intranet&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
ovirt.engine.aaa.authn.authz. plug=
in =3D din-intranet-authz&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
config.profile.file.1 =3D /etc/ovi=
rt-engine/aaa/din. intranet.properties&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; 4. create
/etc/ovirt-engine/aaa/di=
n. intranet.properties&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; include =3D
&lt;ipa.properties&gt;=
&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; vars.user =3D
uid=3Dadmin,cn=3Duse=
rs,cn=3D accounts,dc=3Ddin,dc=3Dintranet&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; vars.password =3D
123456&#13;</fon=
t><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; vars.server =3D
ipa1.din.intranet&=
#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
pool.default.serverset.single. ser=
ver =3D ${global:vars.server}&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
pool.default.auth.simple. bindDN =
=3D ${global:vars.user}&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
pool.default.auth.simple. password=
 =3D ${global:vars.password}&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; 5. restart
engine.&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; Thanks a lot
Alon.&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; Thanks for this,
saved me some tim=
e!&#13;</font><br>
<font
color=3D"#000000">&gt;&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; Just a couple of
addtions, please =
hash the password with SSHA (I really&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt;
hate&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; plain text admin
passwords...)&#13=
;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; I tried putting
an {SSHA} encoded =
password in &quot; vars.password =3D&quot; , but
it&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt;&gt; fails to
authenticate while plain =
text works fine.&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt; I am unsure I
understand.&#13;</font><=
br>
<font color=3D"#000000">&gt;&gt;&gt; using hash to store
password hint at s=
erver side makes sense.&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt; but using hash to store
password at cl=
ient side does not makes sens, this&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt; means that if I get the
server databas=
e I can authenticate to any user&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt; without knowing his
password.&#13;</fo=
nt><br>
<font
color=3D"#000000">&gt;&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt; Also, please note that
the user you sp=
ecify within configuration should not&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&gt; have any special
privilege but to quer=
y public objects within ldap.&#13;</font><br>
<font color=3D"#000000">&gt;&gt; I don't like storing plain
text in textfil=
es, so I try to avoid it. Even&#13;</font><br>
<font color=3D"#000000">&gt;&gt; if it is a read only user there
are no &qu=
ot;public&quot; objects that I like to&#13;</font><br>
<font color=3D"#000000">&gt;&gt; expose to anyone. I can query
groups, grou=
p members, e-mail addresses,&#13;</font><br>
<font color=3D"#000000">&gt;&gt; krbPasswordExpiration,
krbLastPwdChange et=
c. with this user.&#13;</font><br>
<font color=3D"#000000">&gt;&gt;&#13;</font><br>
<font color=3D"#000000">&gt;&gt; So that's why I try to have
the bind user =
password hashed in the&#13;</font><br>
<font color=3D"#000000">&gt;&gt; properties
file.&#13;</font><br>
<font color=3D"#000000">&gt; as I wrote above, storing hash instead of
pass=
word does not enhance security.&#13;</font><br>
<font color=3D"#000000">&gt; it is the same as if you just set the
user's p=
assword to the hash.&#13;</font><br>
&#13;<br>
Ah yes, silly me. You are absolutely <br>
right. It has been such a long&#13;<br>
habit... But it does help when people intercept the traffic. Does the&#13;<=
br>
ldap plugin send it hashed to the ldap server?&#13;<br>
&#13;<br>
I think FreeIPA supports salted sha512 but I'm not entirely sure.&#13;<br>
&#13;<br>
You'll probably say that I need to enable TLS, but there have been many&#13=
;<br>
weaknesses in ssl and MITM issues. So more is always better in a&#13;<br>
security perspective.&#13;<br>
&#13;<br>
&#13;<br>
&#13;<br>
=

=3CBR /=3E
=3CBR /=3E
=3Cb style=3D=22color=3A=23604c78=22=3E=3C/b=3E=3Cbr=3E=3Cspan style=3D=22c=
olor=3A=23604c78=3B=22=3E=3Cfont color=3D=22000000=22=3E=3Cspan style=3D=22=
mso-fareast-language=3Aen-gb=3B=22 lang=3D=22NL=22=3EMet vriendelijke groet=
=2C With kind regards=2C=3Cbr=3E=3Cbr=3E=3C/span=3EJorick Astrego=3C/font=
=3E=3C/span=3E=3Cb style=3D=22color=3A=23604c78=22=3E=3Cbr=3E=3Cbr=3ENetbul=
ae Virtualization Experts =3C/b=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3B=
border-top=3A1px solid =23ccc=3B=22=3E=3Ctable style=3D=22width=3A 522px=22=
=3E=3Ctbody=3E=3Ctr=3E=3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=
=22=3ETel=3A  053 20 30 270=3C/td=3E    =3Ctd style=3D=22width=3A 130px=3Bf=
ont-size=3A 10px=22=3Einfo=40netbulae=2Eeu=3C/td=3E    =3Ctd style=3D=22wid=
th=3A 130px=3Bfont-size=3A 10px=22=3EStaalsteden 4-3A=3C/td=3E    =3Ctd sty=
le=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EKvK 08198180=3C/td=3E=3C/tr=
=3E=3Ctr=3E    =3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EFax=
=3A 053 20 30 271=3C/td=3E    =3Ctd style=3D=22width=3A 130px=3Bfont-size=
=3A 10px=22=3Ewww=2Enetbulae=2Eeu=3C/td=3E    =3Ctd style=3D=22width=3A 130=
px=3Bfont-size=3A 10px=22=3E7547 TA Enschede=3C/td=3E    =3Ctd style=3D=22w=
idth=3A 130px=3Bfont-size=3A 10px=22=3EBTW NL821234584B01=3C/td=3E=3C/tr=3E=
=3C/tbody=3E=3C/table=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3Bborder-top=
=3A1px solid =23ccc=3B=22=3E=3CBR /=3E
=3C/body=3E
=3C/html=3E

------------MIME-295668495-1198010832-delim--

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Re: [ovirt-users] oVirt 3.5 and FreeIpa