Re: [ovirt-users] oVirt 3.5 and FreeIpa

Thursday, 22 January 2015

This is a multi-part message in MIME format.
--------------090205000802070604090208
Content-Type: text/plain;
	charset="windows-1252"
Content-Transfer-Encoding: quoted-printable

On 10/31/2014 02=3A47 PM=2C Marcelo Donato wrote=3A
=3E
=3E Below the solution=2E Resolved  By =22Alon Bar-Lev=22 =3Calonbl=40redha=
t=2Ecom
=3E =3Cmailto=3Aalonbl=40redhat=2Ecom=3E=3E
=3E
=3E
=3E 1=2E install  ovirt-engine-extension-aaa-ldap=2C it is available in
=3E ovirt-3=2E5-snapshots repository=2E
=3E
=3E 2=2E create /etc/ovirt-engine/extensions=2Ed/din=2Eintranet-authz=2Epro=
perties
=3E
=3E ovirt=2Eengine=2Eextension=2Ename =3Chttp=3A//ovirt=2Eengine=2Eextensio=
n=2Ename/=3E =3D
=3E din-intranet-authz
=3E ovirt=2Eengine=2Eextension=2Ebindings=2Emethod =3D jbossmodule
=3E ovirt=2Eengine=2Eextension=2Ebinding=2Ejbossmodule=2Emodule =3D
=3E org=2Eovirt=2Eengine-extensions=2Eaaa=2Eldap
=3E ovirt=2Eengine=2Eextension=2Ebinding=2Ejbossmodule=2Eclass =3D
=3E org=2Eovirt=2Eengineextensions=2Eaaa=2Eldap=2EAuthzExtension
=3E ovirt=2Eengine=2Eextension=2Eprovides =3D
=3E org=2Eovirt=2Eengine=2Eapi=2Eextensions=2Eaaa=2EAuthz
=3E config=2Eprofile=2Efile=2E1 =3D /etc/ovirt-engine/aaa/din=2Eintranet=2E=
properties
=3E
=3E 3=2E create /etc/ovirt-engine/extensions=2Ed/din=2Eintranet-authn=2Epro=
perties
=3E
=3E ovirt=2Eengine=2Eextension=2Ename =3Chttp=3A//ovirt=2Eengine=2Eextensio=
n=2Ename/=3E =3D
=3E din-intranet-authn
=3E ovirt=2Eengine=2Eextension=2Ebindings=2Emethod =3D jbossmodule
=3E ovirt=2Eengine=2Eextension=2Ebinding=2Ejbossmodule=2Emodule =3D
=3E org=2Eovirt=2Eengine-extensions=2Eaaa=2Eldap
=3E ovirt=2Eengine=2Eextension=2Ebinding=2Ejbossmodule=2Eclass =3D
=3E org=2Eovirt=2Eengineextensions=2Eaaa=2Eldap=2EAuthnExtension
=3E ovirt=2Eengine=2Eextension=2Eprovides =3D
=3E org=2Eovirt=2Eengine=2Eapi=2Eextensions=2Eaaa=2EAuthn
=3E ovirt=2Eengine=2Eaaa=2Eauthn=2Eprofile=2Ename
=3E =3Chttp=3A//ovirt=2Eengine=2Eaaa=2Eauthn=2Eprofile=2Ename/=3E =3D din=
=2Eintranet
=3E ovirt=2Eengine=2Eaaa=2Eauthn=2Eauthz=2Eplugin =3D din-intranet-authz
=3E config=2Eprofile=2Efile=2E1 =3D /etc/ovirt-engine/aaa/din=2Eintranet=2E=
properties
=3E
=3E 4=2E create /etc/ovirt-engine/aaa/din=2Eintranet=2Eproperties
=3E
=3E include =3D =3Cipa=2Eproperties=3E
=3E
=3E vars=2Euser =3D uid=3Dadmin=2Ccn=3Dusers=2Ccn=3Daccounts=2Cdc=3Ddin=2Cd=
c=3Dintranet
=3E vars=2Epassword =3D 123456
=3E vars=2Eserver =3D ipa1=2Edin=2Eintranet
=3E
=3E pool=2Edefault=2Eserverset=2Esingle=2Eserver =3D =24=7Bglobal=3Avars=2E=
server=7D
=3E pool=2Edefault=2Eauth=2Esimple=2EbindDN =3D =24=7Bglobal=3Avars=2Euser=
=7D
=3E pool=2Edefault=2Eauth=2Esimple=2Epassword =3D =24=7Bglobal=3Avars=2Epas=
sword=7D
=3E
=3E 5=2E restart engine=2E
=3E
=3E
=3E Thanks a lot Alon=2E

Thanks for this=2C saved me some time!

Just a couple of addtions=2C please hash the password with SSHA =28I really=

hate plain text admin passwords=2E=2E=2E=29
I tried putting an =7BSSHA=7D encoded password in =22vars=2Epassword =3D=22=
=2C but it
fails to authenticate while plain text works fine=2E

For people with multiple ipa replica=27s I you guess you need to use=3A

Round robin configuration=3A

=09vars=2Eserver1 =3D ipa1=2Edin=2Eintranet
=09=09  vars=2Eserver2 =3D ipa2=2Edin=2Eintranet

=09pool=2Edefault=2Eserverset=2Etype =3D round-robin
    =09pool=2Edefault=2Eserverset=2Eround-robin=2E1=2Eserver =3D =24=7Bglob=
al=3Avars=2Eserver1=7D
    =09pool=2Edefault=2Eserverset=2Eround-robin=2E2=2Eserver =3D =24=7Bglob=
al=3Avars=2Eserver2=7D

instead of

    vars=2Eserver =3D ipa1=2Edin=2Eintranet
    pool=2Edefault=2Eserverset=2Esingle=2Eserver =3D =24=7Bglobal=3Avars=2E=
server=7D

But I still have to test that as our second replica is down at the moment=
=2E

Also can we get rid of the internal admin or better just disable
internal authenticationt without problems=3F As we have ipa we don=27t want=

local login enabled=2C but in emergency situations we might need to turn
it on quickly=2E

Kind regards=2C

Met vriendelijke groet=2C With kind regards=2C

Jorick Astrego

Netbulae Virtualization Experts=20

----------------

=09Tel=3A 053 20 30 270 =09info=40netbulae=2Eeu =09Staalsteden 4-3A =09KvK=
 08198180
 =09Fax=3A 053 20 30 271 =09www=2Enetbulae=2Eeu =097547 TA Enschede =09BTW=
 NL821234584B01

----------------

--------------090205000802070604090208
Content-Type: text/html;
	charset="windows-1252"
Content-Transfer-Encoding: quoted-printable

=3Chtml=3E
  =3Chead=3E
    =3Cmeta content=3D=22text/html=3B charset=3Dwindows-1252=22
      http-equiv=3D=22Content-Type=22=3E
  =3C/head=3E
  =3Cbody bgcolor=3D=22=23FFFFFF=22 text=3D=22=23000000=22=3E
    =3Cbr=3E
    =3Cdiv class=3D=22moz-cite-prefix=22=3EOn 10/31/2014 02=3A47 PM=2C Marc=
elo Donato
      wrote=3A=3Cbr=3E
    =3C/div=3E
    =3Cblockquote
cite=3D=22mid=3ACAPaMScju+7ALzdujfyrAeEBj4xeFcj9K3nGDxeuJQiQJRMgFVQ=40mail=
=2Egmail=2Ecom=22
      type=3D=22cite=22=3E
      =3Cdiv dir=3D=22ltr=22=3E
        =3Cdiv class=3D=22gmail=5Fdefault=22 style=3D=22font-size=3Asmall=
=22=3E=3Cbr=3E
        =3C/div=3E
        =3Cdiv class=3D=22gmail=5Fdefault=22 style=3D=22font-size=3Asmall=
=22=3E
          =3Cdiv class=3D=22gmail=5Fdefault=22=3EBelow the solution=2E Reso=
lved =A0By
            =22Alon Bar-Lev=22 =26lt=3B=3Ca moz-do-not-send=3D=22true=22
              href=3D=22mailto=3Aalonbl=40redhat=2Ecom=22=3Ealonbl=40redhat=
=2Ecom=3C/a=3E=26gt=3B=3C/div=3E
          =3Cdiv class=3D=22gmail=5Fdefault=22=3E=3Cbr=3E
          =3C/div=3E
          =3Cdiv class=3D=22gmail=5Fdefault=22=3E=3Cbr=3E
          =3C/div=3E
          =3Cdiv class=3D=22gmail=5Fdefault=22=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E1=2E
              install=A0 ovirt-engine-extension-aaa-=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eldap=2C
              it is available in ovirt-3=2E5-snapshots repository=2E=3C/spa=
n=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cbr style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E2=2E
              create /etc/ovirt-engine/extensions=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Ed/din=2Eintranet-authz=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eproperties=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cbr style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E
            =3Ca moz-do-not-send=3D=22true=22
              href=3D=22http=3A//ovirt=2Eengine=2Eextension=2Ename/=22 targ=
et=3D=22=5Fblank=22
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eovirt=2Eengine=2Eextension=2Ename=3C/a=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E=A0=3D
              din-intranet-authz=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Eovirt=2Eengine=2Eextension=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Ebindings=2Emethod
              =3D jbossmodule=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Eovirt=2Eengine=2Eextension=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Ebinding=2Ejbossmodule=2Emodule
              =3D org=2Eovirt=2Eengine-extensions=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eaaa=2Eldap=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Eovirt=2Eengine=2Eextension=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Ebinding=2Ejbossmodule=2Eclass
              =3D org=2Eovirt=2Eengineextensions=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eaaa=2Eldap=2EAuthzExtension=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Eovirt=2Eengine=2Eextension=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eprovides
              =3D org=2Eovirt=2Eengine=2Eapi=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eextensions=2Eaaa=2EAuthz=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Econfig=2Eprofile=2Efile=2E1
              =3D /etc/ovirt-engine/aaa/din=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eintranet=2Eproperties=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cbr style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E3=2E
              create /etc/ovirt-engine/extensions=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Ed/din=2Eintranet-authn=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eproperties=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cbr style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E
            =3Ca moz-do-not-send=3D=22true=22
              href=3D=22http=3A//ovirt=2Eengine=2Eextension=2Ename/=22 targ=
et=3D=22=5Fblank=22
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eovirt=2Eengine=2Eextension=2Ename=3C/a=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E=A0=3D
              din-intranet-authn=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Eovirt=2Eengine=2Eextension=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Ebindings=2Emethod
              =3D jbossmodule=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Eovirt=2Eengine=2Eextension=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Ebinding=2Ejbossmodule=2Emodule
              =3D org=2Eovirt=2Eengine-extensions=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eaaa=2Eldap=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Eovirt=2Eengine=2Eextension=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Ebinding=2Ejbossmodule=2Eclass
              =3D org=2Eovirt=2Eengineextensions=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eaaa=2Eldap=2EAuthnExtension=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Eovirt=2Eengine=2Eextension=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eprovides
              =3D org=2Eovirt=2Eengine=2Eapi=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eextensions=2Eaaa=2EAuthn=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Ca moz-do-not-send=3D=22true=22
              href=3D=22http=3A//ovirt=2Eengine=2Eaaa=2Eauthn=2Eprofile=2En=
ame/=22
              target=3D=22=5Fblank=22
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eovirt=2Eengine=2Eaaa=2Eauthn=2Eprofile=2Ename=3C/a=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E=A0=3D
              din=2Eintranet=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Eovirt=2Eengine=2Eaaa=2Eauthn=2Eauthz=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eplugin
              =3D din-intranet-authz=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Econfig=2Eprofile=2Efile=2E1
              =3D /etc/ovirt-engine/aaa/din=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eintranet=2Eproperties=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cbr style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E4=2E
              create /etc/ovirt-engine/aaa/din=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eintranet=2Eproperties=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cbr style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Einclude
              =3D =26lt=3Bipa=2Eproperties=26gt=3B=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cbr style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Evars=2Euser
              =3D uid=3Dadmin=2Ccn=3Dusers=2Ccn=3D=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eaccounts=2Cdc=3Ddin=2Cdc=3Dintranet=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Evars=2Epassword
              =3D 123456=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Evars=2Eserver
              =3D ipa1=2Edin=2Eintranet=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cbr style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Epool=2Edefault=2Eserverset=2Esingle=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Eserver
              =3D =24=7Bglobal=3Avars=2Eserver=7D=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Epool=2Edefault=2Eauth=2Esimple=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3EbindDN
              =3D =24=7Bglobal=3Avars=2Euser=7D=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3Epool=2Edefault=2Eauth=2Esimple=2E=3C/span=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3Epassword
              =3D =24=7Bglobal=3Avars=2Epassword=7D=3C/span=3E=3Cbr
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E
            =3Cbr style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E
            =3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=
=3A13px=22=3E5=2E
              restart engine=2E=3C/span=3E=3C/div=3E
          =3Cdiv class=3D=22gmail=5Fdefault=22=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E=3Cbr=3E
            =3C/span=3E=3C/div=3E
          =3Cdiv class=3D=22gmail=5Fdefault=22=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3E=3Cbr=3E
            =3C/span=3E=3C/div=3E
          =3Cdiv class=3D=22gmail=5Fdefault=22=3E=3Cspan
              style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13p=
x=22=3EThanks
              a lot Alon=2E=3C/span=3E=3C/div=3E
        =3C/div=3E
      =3C/div=3E
    =3C/blockquote=3E
    =3Cbr=3E
    =3Cbr=3E
    =3Cbr=3E
    Thanks for this=2C saved me some time! =3Cbr=3E
    =3Cbr=3E
    Just a couple of addtions=2C please hash the password with SSHA =28I
    really hate plain text admin passwords=2E=2E=2E=29 =3Cbr=3E
    I tried putting an =7BSSHA=7D encoded password in =22=3Cspan
      style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13px=22=3Ev=
ars=2Epassword
      =3D=22=3C/span=3E=2C but it fails to authenticate while plain text wo=
rks
    fine=2E=3Cbr=3E
    =3Cbr=3E
    For people with multiple ipa replica=27s I you guess you need to use=3A=
=3Cbr=3E
    =3Cbr=3E
    =3Cmeta http-equiv=3D=22content-type=22 content=3D=22text/html=3B
      charset=3Dwindows-1252=22=3E
    =3Cpre style=3D=22box-sizing=3A border-box=3B overflow=3A auto=3B font-=
family=3A Consolas=2C =27Liberation Mono=27=2C Menlo=2C Courier=2C monospac=
e=3B font-size=3A 15px=3B margin-top=3A 0px=3B margin-bottom=3A 0px=3B font=
-style=3A normal=3B font-variant=3A normal=3B font-weight=3A normal=3B line=
-height=3A normal=3B white-space=3A pre-wrap=3B color=3A rgb=2851=2C 51=2C=
 51=29=3B letter-spacing=3A normal=3B orphans=3A auto=3B text-align=3A star=
t=3B text-indent=3A 0px=3B text-transform=3A none=3B widows=3A auto=3B word=
-spacing=3A 0px=3B -webkit-text-stroke-width=3A 0px=3B=22=3ERound robin con=
figuration=3A

=09=3Cspan style=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13px=
=22=3Evars=2Eserver1 =3D ipa1=2Edin=2Eintranet
=09=09  vars=2Eserver2 =3D ipa2=2Edin=2Eintranet

=3C/span=3E=09pool=2Edefault=2Eserverset=2Etype =3D round-robin
    =09pool=2Edefault=2Eserverset=2Eround-robin=2E1=2Eserver =3D =24=7Bglob=
al=3Avars=2Eserver1=7D
    =09pool=2Edefault=2Eserverset=2Eround-robin=2E2=2Eserver =3D =24=7Bglob=
al=3Avars=2Eserver2=7D
=3C/pre=3E
    =3Cbr class=3D=22Apple-interchange-newline=22=3E
    instead of=3Cbr=3E
    =3Cbr=3E
    =3Cmeta http-equiv=3D=22content-type=22 content=3D=22text/html=3B
      charset=3Dwindows-1252=22=3E
    =3Cblockquote=3E
      =3Cmeta http-equiv=3D=22content-type=22 content=3D=22text/html=3B
        charset=3Dwindows-1252=22=3E
      =3Cpre style=3D=22box-sizing=3A border-box=3B overflow=3A auto=3B fon=
t-family=3A Consolas=2C =27Liberation Mono=27=2C Menlo=2C Courier=2C monosp=
ace=3B font-size=3A 15px=3B margin-top=3A 0px=3B margin-bottom=3A 0px=3B fo=
nt-style=3A normal=3B font-variant=3A normal=3B font-weight=3A normal=3B li=
ne-height=3A normal=3B white-space=3A pre-wrap=3B color=3A rgb=2851=2C 51=
=2C 51=29=3B letter-spacing=3A normal=3B orphans=3A auto=3B text-align=3A s=
tart=3B text-indent=3A 0px=3B text-transform=3A none=3B widows=3A auto=3B w=
ord-spacing=3A 0px=3B -webkit-text-stroke-width=3A 0px=3B=22=3E=3Cspan styl=
e=3D=22font-family=3Aarial=2Csans-serif=3Bfont-size=3A13px=22=3Evars=2Eserv=
er =3D ipa1=2Edin=2Eintranet=3C/span=3E
pool=2Edefault=2Eserverset=2Esingle=2Eserver =3D =24=7Bglobal=3Avars=2Eserv=
er=7D
=3C/pre=3E
    =3C/blockquote=3E
    But I still have to test that as our second replica is down at the
    moment=2E=3Cbr=3E
    =3Cbr=3E
    Also can we get rid of the internal admin or better just disable
    internal authenticationt without problems=3F As we have ipa we don=27t=

    want local login enabled=2C but in emergency situations we might need=

    to turn it on quickly=2E=3Cbr=3E
    =3Cbr=3E
    =3Cbr=3E
    =3Cbr=3E
    =3Cbr=3E
    Kind regards=2C=3Cbr=3E
 =20=
=3CBR /=3E
=3CBR /=3E
=3Cb style=3D=22color=3A=23604c78=22=3E=3C/b=3E=3Cbr=3E=3Cspan style=3D=22c=
olor=3A=23604c78=3B=22=3E=3Cfont color=3D=22000000=22=3E=3Cspan style=3D=22=
mso-fareast-language=3Aen-gb=3B=22 lang=3D=22NL=22=3EMet vriendelijke groet=
=2C With kind regards=2C=3Cbr=3E=3Cbr=3E=3C/span=3EJorick Astrego=3C/font=
=3E=3C/span=3E=3Cb style=3D=22color=3A=23604c78=22=3E=3Cbr=3E=3Cbr=3ENetbul=
ae Virtualization Experts =3C/b=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3B=
border-top=3A1px solid =23ccc=3B=22=3E=3Ctable style=3D=22width=3A 522px=22=
=3E=3Ctbody=3E=3Ctr=3E=3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=
=22=3ETel=3A  053 20 30 270=3C/td=3E    =3Ctd style=3D=22width=3A 130px=3Bf=
ont-size=3A 10px=22=3Einfo=40netbulae=2Eeu=3C/td=3E    =3Ctd style=3D=22wid=
th=3A 130px=3Bfont-size=3A 10px=22=3EStaalsteden 4-3A=3C/td=3E    =3Ctd sty=
le=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EKvK 08198180=3C/td=3E=3C/tr=
=3E=3Ctr=3E    =3Ctd style=3D=22width=3A 130px=3Bfont-size=3A 10px=22=3EFax=
=3A 053 20 30 271=3C/td=3E    =3Ctd style=3D=22width=3A 130px=3Bfont-size=
=3A 10px=22=3Ewww=2Enetbulae=2Eeu=3C/td=3E    =3Ctd style=3D=22width=3A 130=
px=3Bfont-size=3A 10px=22=3E7547 TA Enschede=3C/td=3E    =3Ctd style=3D=22w=
idth=3A 130px=3Bfont-size=3A 10px=22=3EBTW NL821234584B01=3C/td=3E=3C/tr=3E=
=3C/tbody=3E=3C/table=3E=3Cbr=3E=3Chr style=3D=22border=3Anone=3Bborder-top=
=3A1px solid =23ccc=3B=22=3E=3CBR /=3E
=3C/body=3E
=3C/html=3E

--------------090205000802070604090208--

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Re: [ovirt-users] oVirt 3.5 and FreeIpa