On Wed, Dec 10, 2014 at 5:43 PM, Alon Bar-Lev <alonbl(a)redhat.com> wrote:
I suggest to install the new provider which does not require kerberos and
much easier to customize / problem determination.
http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=bl...
From what I read in your link it seems far from intuitive from an oVirt
admin point
of view who probably doesn't know ldap/IPA so in depth... authn
and authz concepts overlap with related files and I have not understood how
many files I have to add and if @AUTHZ_NAME@ and @AUTHN_NAME@ are the same
string for a fixed IPA server or not...
also reading
http://www.ovirt.org/Features/AAA
doesn't clarify at least based my knowledge of ladap in general and IPA in
particular (that is not so much...)
Previsously I "only" had to run
engine-manage-domains add --domain=localdomain.local --provider=ipa
--user=admin
and my configured IPA 3.0 worked without any problem...
Can you detail what would be the structure of files
under /etc/ovirt-engine/extensions.d/ ?
Or anyone already configured with IPA and has a working example of files?
Gianluca