On 03/03/2013 06:41, Keith Mitchell wrote:
> On 3/2/13 2:51 PM, Itamar Heim wrote:
>> On 01/03/2013 18:54, Keith Mitchell wrote:
>>>
>>> I'm trying to get rhevm 3.1 (which seems to be pretty much ovirt 3.1
>>> from what I can tell) authenticating against our active directory
>>> infrastructure bu am having some difficulty that I don't quite
>>> understand and was hoping someone may know what is happening.
>>>
>>> The server where rhevm/ovirt is running is a RHEL6 based server
>>> that has
>>> NIS configured (with user home directories mounted via
>>> nfs/automounter). The userids in nis match the userids in our
>>> ActiveDirectory server (in fact the passwords should match too since
>>> there is a sync between the two).
>>>
>>> I added the Activedirectory server into ovirt (through
>>> rhevm-manage-domains) and it is added/validated successfully. As the
>>> local admin user I can go in and search agains the active
>>> directory, add
>>> permissions, etc.
>>>
>>> But... If I try to log into the webadmin/user portals with one of the
>>> active directory accounts it seems to hang... and I noticed that it
>>> seems to be trying to mount the home directory of a bunch of users via
>>> the automounter (perhaps its trying to mount everyones home
>>> directory...
>>> can't tell). This takes a super long time since the home directories
>>> are all across the world and nfs access to some of these
>>> filesystems is
>>> really slow... i'm not sure it will ever complete... certainly not
>>> before the user gives up.
>>>
>>> Anyone know what would cause this? I wouldn't think this should
>>> happen. I was thinking it should just authenticate the password and
>>> then look at the permissions granted inside overt/rhevm.
>>
>> there is no need for the engine (rhev) machine to be part of the AD
>> domain for AD authentication to work, and i don't see why this should
>> happen.
>> yair/juan - thoughts?
>>
> Turns out the home directory mounting thing had nothing to do with my
> login issues or ovirt... The home directory issue was due to an issue
> with mod_dnssd (part of apache) in RHEL6.
>
> But even after fixing that, I still have login issues. Whenever I try
> to authenticate against active directory the webadmin/user gui seems to
> hang. I've looked at the network trace and it looks like the active
> directory authentication succeeded without issue, but the login screen
> just hangs.
>
> I can log in with the local admin user fine and I don't see anything in
> the engine.log files. Perhaps there may be some debug I can turn on to
> help identify what it is doing?
>
>
>
does the rest api works for an AD user?
(user@domain is the user name format. url is
http://xxx/api)