Re: [ovirt-users] FreeIPA

This is a multi-part message in MIME format. --------------090802080605090904020305 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Just for clarification - ovirt-engine-extension-aaa-ldap-setup is available from oVirt 3.6 Can you send engine.log, hard to say what's wrong from configuration, it looks good. On 09/22/2015 09:55 PM, Ravi Nori wrote: --------------090802080605090904020305 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 7bit <html> <head> <meta content="text/html; charset=windows-1252" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> Just for clarification - ovirt-engine-extension-aaa-ldap-setup is available from oVirt 3.6<br> <br> Can you send engine.log, hard to say what's wrong from configuration, it looks good.<br> <br> <div class="moz-cite-prefix">On 09/22/2015 09:55 PM, Ravi Nori wrote:<br> </div> <blockquote cite="mid:5601B215.8020704@redhat.com" type="cite"> <meta content="text/html; charset=windows-1252" http-equiv="Content-Type"> <div class="moz-cite-prefix">Once you have installed ovirt-engine-extension-aaa-ldap and ovirt-engine-extension-aaa-ldap-setup<br> <br> You can run ovirt-engine-extension-aaa-ldap-setup and follow the steps to set up ldap.<br> <br> Once that is done you can login to webadmin and add users/groups from ipa<br> <br> On 09/22/2015 11:57 AM, <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:suporte@logicworks.pt">suporte@logicworks.pt</a> wrote:<br> </div> <blockquote cite="mid:1706731369.91118.1442937460886.JavaMail.zimbra@logicworks.pt" type="cite"> <div style="font-family: Times New Roman; font-size: 10pt; color: #000000"> <div>Here is what I'm trying to do:<br> </div> <div><br> Ovirt engine : engine.domain.tld<br> </div> <div>Freeipa 4.1.0 : ipa.domain.tld<br> </div> <div><br> </div> <div>I have installed on the engine: <pre class="western" style="margin-bottom: 0.5cm;" data-mce-style="margin-bottom: 0.5cm;"><i>ovirt-engine-extension-aaa-ldap</i> </pre> <pre class="western" style="margin-bottom: 0.5cm;" data-mce-style="margin-bottom: 0.5cm;"><i>openldap-clients</i> /etc/ovirt-engine/aaa/profile1.properties: # # Select one # #include = &lt;openldap.properties&gt; #include = &lt;389ds.properties&gt; #include = &lt;rhds.properties&gt; include = &lt;ipa.properties&gt; #include = &lt;iplanet.properties&gt; #include = &lt;rfc2307.properties&gt; #include = &lt;rfc2307-openldap.properties&gt; # # Server # vars.server = ipa.domain.tld # # Search user and its password. # vars.user = uid=search,cn=users,cn=accounts,dc=domain,dc=tld vars.password = <em>ipa_admin_password</em> pool.default.serverset.single.server = ${global:vars.server} pool.default.auth.simple.bindDN = ${global:vars.user} pool.default.auth.simple.password = ${global:vars.password} # Create keystore, import certificate chain and uncomment # if using ssl/tls. #pool.default.ssl.startTLS = true #pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.server}.jks #pool.default.ssl.truststore.password = changeit On the engine cannot find any users configured on the ipa server. Any help? Thanks Jose </pre> <br> </div> <div><br> </div> <hr id="zwchr"> <div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;" data-mce-style="color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><b>De: </b>"Alon Bar-Lev" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:alonbl@redhat.com">&lt;alonbl@redhat.com&gt;</a><br> <b>Para: </b><a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:suporte@logicworks.pt">suporte@logicworks.pt</a><br> <b>Cc: </b>"users" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:users@ovirt.org">&lt;users@ovirt.org&gt;</a><br> <b>Enviadas: </b>Sexta-feira, 18 De Setembro de 2015 15:48:22<br> <b>Assunto: </b>Re: [ovirt-users] FreeIPA<br> <div><br> </div> <br> <div><br> </div> ----- Original Message -----<br> &gt; From: <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:suporte@logicworks.pt">suporte@logicworks.pt</a><br> &gt; To: "users" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:users@ovirt.org">&lt;users@ovirt.org&gt;</a><br> &gt; Sent: Friday, September 18, 2015 5:45:18 PM<br> &gt; Subject: [ovirt-users] FreeIPA<br> &gt; <br> &gt; Hi,<br> &gt; <br> &gt; Is there any documentation about FreeIPA integration with oVirt 3.5 and how<br> &gt; to configure it?<br> &gt; <br> <div><br> </div> Hi,<br> <div><br> </div> Please find documentation at [1][2].<br> <div><br> </div> Regards,<br> Alon Bar-Lev.<br> <div><br> </div> [1] <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://www.ovirt.org/Features/AAA">http://www.ovirt.or... [2] <a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-l... </div> <div><br> </div> </div> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Users mailing list <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://... </pre> </blockquote> <br> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <br> <pre wrap="">_______________________________________________ Users mailing list <a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://... </pre> </blockquote> <br> </body> </html> --------------090802080605090904020305--