On 04/19/2016 04:37 PM, Fabrice Bacchella wrote:
> I tried to plug ovirt using my company AD.
> But I have a problem, the DNS srv records are not well managed and I can't use them
> so I changed pool.default.serverset.type from srvrecord to failover.
With AD you should use srvrecord, unless you have somehow misconfigured AD.
Can you please elaborate more on what 'DNS srv records are not well
managed' means?
Can you please send the engine log or, if you are on 3.6, use this
command to test and provide the log:

$ ovirt-engine-extensions-tool --log-level=FINEST --log-file=ad-search.log aaa search --entity-name=userX --extension-name=ad-authz

Btw: Do you use a multi-domain AD setup? Or only a single domain?
> But it was not enough, it was still using those invalid records. It was used by
> pool.default.dc-resolve.default.serverset.type too. I found that after digging in the
> source. I wonder why it should be specified twice. Why are
> pool.default.dc-resolve.default.serverset and pool.default.serverset different?
You can disable 'dc-resolve' with 'pool.default.dc-resolve.enable = false',
but first you should find the issue.
> I also need to specify search.ad-resolve-upn.search-request.baseDN because it didn't
> find it any more. I wonder if it's related.
>
> My aaa property file:
>
> include = <ad.properties>
> vars.domain = MYDOME
> vars.user = A_DN
> vars.password = the_password
> vars.forest = my_forest
> pool.default.auth.simple.bindDN = ${global:vars.user}
> pool.default.auth.simple.password = ${global:vars.password}
> pool.default.serverset.type = failover
> pool.default.serverset.failover.1.server = server1
> pool.default.serverset.failover.2.server = server2
> pool.default.ssl.startTLS = true
> pool.default.ssl.truststore.file = trust.jks
> pool.default.ssl.truststore.password =
> pool.default.ssl.startTLSProtocol = TLSv1.2
> pool.default.connection-options.connectTimeoutMillis = 500
> pool.default.dc-resolve.enable = true
> pool.default.dc-resolve.default.serverset.type = failover
> pool.default.dc-resolve.serverset.failover.1.server = server1
> pool.default.dc-resolve.serverset.failover.2.server = server2
> search.ad-resolve-upn.search-request.baseDN = BASE_DN
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
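The reply above asks what "DNS srv records are not well managed" actually means before switching away from the srvrecord serverset. The script below is an added example, not code from the thread or from ovirt-engine-extension-aaa-ldap: it fetches the Active Directory domain-controller LDAP SRV records a srvrecord serverset would have to consume, orders them the way an RFC 2782 client does (lowest priority first, highest weight first within a priority), and counts how many records are well-formed, so a zero count or a wrong first target shows the DNS side of the problem before any oVirt configuration is touched. The record name _ldap._tcp.dc._msdcs.<domain> is the standard AD DC locator record; that oVirt queries exactly this name is an assumption. The SAMPLE_SRV data is constructed, and SRV_INPUT is an offline switch for this example, not an oVirt setting.

```shell
#!/bin/sh
# Added example, not part of the thread or of ovirt-engine-extension-aaa-ldap.
# Lists the AD domain-controller LDAP SRV targets in RFC 2782 client order
# and counts how many of the returned records are well-formed.
#
# _ldap._tcp.dc._msdcs.<domain> is the standard AD DC locator record; whether
# oVirt queries exactly this name is an assumption. If SRV_INPUT is set it is
# used instead of a live dig query so the check can run offline. SAMPLE_SRV is
# constructed, not captured from a real domain.

SAMPLE_SRV='10 50 389 dc3.mydome.example.
0 60 389 dc2.mydome.example.
0 100 389 dc1.mydome.example.'

# srv_records <domain>: raw "priority weight port target" lines
srv_records() {
    if [ -n "$SRV_INPUT" ]; then
        printf '%s\n' "$SRV_INPUT"
    else
        dig +short SRV "_ldap._tcp.dc._msdcs.$1"
    fi
}

# srv_targets <domain>: records sorted by priority ascending, then weight descending
srv_targets() {
    srv_records "$1" | sort -k1,1n -k2,2nr
}

# srv_count <domain>: number of well-formed records (4 fields, numeric
# priority/weight/port, dot-terminated FQDN target). A count of 0 is what
# "SRV records are not well managed" looks like from the client side.
srv_count() {
    srv_records "$1" | awk '
        NF == 4 && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ && $4 ~ /\.$/ { n++ }
        END { print n + 0 }'
}

# srv_first_host <domain>: the target a client would try first, without the trailing dot
srv_first_host() {
    srv_targets "$1" | awk 'NR == 1 { sub(/\.$/, "", $4); print $4 }'
}

# Run as a script: ./srvcheck.sh mydome.example
if [ "$#" -gt 0 ]; then
    echo "well-formed SRV records for $1: $(srv_count "$1")"
    srv_targets "$1"
fi
```

Compare the first host printed with the server you expected the engine to contact; if the count is zero or the ordering puts a decommissioned controller first, the fix belongs in DNS, not in pool.default.serverset.type.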