[ovirt-users] Ovirt-egine integration with OpenLDAP can't seem to find any users on Web-UI

Thursday, 30 May 2019

Hello everyone.

So i don't know what i'm doing wrong but this doesn't seem to work, i already
made the confgurations needed on the ovirt-engine-extension-aaa-ldap i'm a little
desperate here.

I'm going to put all the commands that i already made and the errors that they give:

- ovirt-engine-extension-aaa-ldap-setup

 Stage: Setup validation

          NOTE:
          It is highly recommended to test drive the configuration before applying it into
engine.
          Login sequence is executed automatically, but it is recommended to also execute
Search sequence manually after successful Login sequence.

          Please provide credentials to test login flow:
          Enter user name: node1
          Enter user password: 
[ INFO  ] Executing login sequence...
          Login output:
          2019-05-29 03:45:59,261+01 INFO   
========================================================================
          2019-05-29 03:45:59,301+01 INFO    ============================ Initialization
============================
          2019-05-29 03:45:59,301+01 INFO   
========================================================================
          2019-05-29 03:45:59,385+01 INFO    Loading extension
'192.168.16.114-authn'
          2019-05-29 03:45:59,540+01 INFO    Extension '192.168.16.114-authn'
loaded
          2019-05-29 03:45:59,571+01 INFO    Loading extension '192.168.16.114'
          2019-05-29 03:45:59,585+01 INFO    Extension '192.168.16.114' loaded
          2019-05-29 03:45:59,585+01 INFO    Initializing extension
'192.168.16.114-authn'
          2019-05-29 03:45:59,588+01 INFO   
[ovirt-engine-extension-aaa-ldap.authn::192.168.16.114-authn] Creating LDAP pool
'authz'
          2019-05-29 03:45:59,734+01 INFO   
[ovirt-engine-extension-aaa-ldap.authn::192.168.16.114-authn] LDAP pool 'authz'
information: vendor='null' version='null'
          2019-05-29 03:45:59,736+01 INFO   
[ovirt-engine-extension-aaa-ldap.authn::192.168.16.114-authn] Creating LDAP pool
'authn'
          2019-05-29 03:45:59,754+01 INFO   
[ovirt-engine-extension-aaa-ldap.authn::192.168.16.114-authn] LDAP pool 'authn'
information: vendor='null' version='null'
          2019-05-29 03:45:59,754+01 INFO    Extension '192.168.16.114-authn'
initialized
          2019-05-29 03:45:59,755+01 INFO    Initializing extension
'192.168.16.114'
          2019-05-29 03:45:59,756+01 INFO   
[ovirt-engine-extension-aaa-ldap.authz::192.168.16.114] Creating LDAP pool
'authz'
          2019-05-29 03:45:59,775+01 INFO   
[ovirt-engine-extension-aaa-ldap.authz::192.168.16.114] LDAP pool 'authz'
information: vendor='null' version='null'
          2019-05-29 03:45:59,776+01 INFO   
[ovirt-engine-extension-aaa-ldap.authz::192.168.16.114] Available Namespaces:
[ou=People,dc=lab,dc=local]
          2019-05-29 03:45:59,777+01 INFO    Extension '192.168.16.114'
initialized
          2019-05-29 03:45:59,777+01 INFO    Start of enabled extensions list
          2019-05-29 03:45:59,777+01 INFO    Instance name:
'192.168.16.114-authn', Extension name:
'ovirt-engine-extension-aaa-ldap.authn', Version: '1.3.8', Notes:
'Display name: ovirt-engine-extension-aaa-ldap-1.3.8-1.el7', License: 'ASL
2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build
interface Version: '0',  File:
'/tmp/tmp7wX6s6/extensions.d/192.168.16.114-authn.properties', Initialized:
'true'
          2019-05-29 03:45:59,778+01 INFO    Instance name: '192.168.16.114',
Extension name: 'ovirt-engine-extension-aaa-ldap.authz', Version: '1.3.8',
Notes: 'Display name: ovirt-engine-extension-aaa-ldap-1.3.8-1.el7', License:
'ASL 2.0', Home: 'http://www.ovirt.org', Author 'The oVirt
Project', Build interface Version: '0',  File:
'/tmp/tmp7wX6s6/extensions.d/192.168.16.114.properties', Initialized:
'true'
          2019-05-29 03:45:59,778+01 INFO    End of enabled extensions list
          2019-05-29 03:45:59,778+01 INFO   
========================================================================
          2019-05-29 03:45:59,778+01 INFO    ============================== Execution
===============================
          2019-05-29 03:45:59,778+01 INFO   
========================================================================
          2019-05-29 03:45:59,779+01 INFO    Iteration: 0
          2019-05-29 03:45:59,780+01 INFO    Profile='192.168.16.114'
authn='192.168.16.114-authn' authz='192.168.16.114'
mapping='null'
          2019-05-29 03:45:59,780+01 INFO    API:
-->Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='192.168.16.114'
user='node1'
          2019-05-29 03:45:59,835+01 INFO    API:
<--Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='192.168.16.114'
result=CREDENTIALS_INVALID
          2019-05-29 03:45:59,843+01 SEVERE  Authn.Result code is: CREDENTIALS_INVALID
[ ERROR ] Login sequence failed
          Please investigate details of the failure (search for lines containing SEVERE
log level).
          Select test sequence to execute (Done, Abort, Login, Search) [Abort]: 

- ovirt-engine-extensions-tool aaa login-user --profile=lab.local --user-name=node1

2019-05-29 03:57:35,194+01 INFO   
========================================================================
2019-05-29 03:57:35,224+01 INFO    ============================ Initialization
============================
2019-05-29 03:57:35,224+01 INFO   
========================================================================
2019-05-29 03:57:35,298+01 INFO    Loading extension 'internal-authz'
2019-05-29 03:57:35,325+01 INFO    Extension 'internal-authz' loaded
2019-05-29 03:57:35,334+01 INFO    Loading extension 'internal-authn'
2019-05-29 03:57:35,336+01 INFO    Extension 'internal-authn' loaded
2019-05-29 03:57:35,360+01 INFO    Loading extension 'profile2-authz'
2019-05-29 03:57:35,510+01 INFO    Extension 'profile2-authz' loaded
2019-05-29 03:57:35,516+01 INFO    Loading extension 'profile1-authz'
2019-05-29 03:57:35,527+01 INFO    Extension 'profile1-authz' loaded
2019-05-29 03:57:35,546+01 INFO    Loading extension 'profile1-authn'
2019-05-29 03:57:35,558+01 INFO    Extension 'profile1-authn' loaded
2019-05-29 03:57:35,586+01 INFO    Loading extension 'profile2-authn'
2019-05-29 03:57:35,592+01 INFO    Extension 'profile2-authn' loaded
2019-05-29 03:57:35,592+01 INFO    Initializing extension 'internal-authz'
2019-05-29 03:57:35,754+01 INFO    Extension 'internal-authz' initialized
2019-05-29 03:57:35,755+01 INFO    Initializing extension 'internal-authn'
2019-05-29 03:57:35,771+01 INFO    Extension 'internal-authn' initialized
2019-05-29 03:57:35,771+01 INFO    Initializing extension 'profile2-authz'
2019-05-29 03:57:35,772+01 INFO    [ovirt-engine-extension-aaa-ldap.authz::profile2-authz]
Creating LDAP pool 'authz'
2019-05-29 03:57:35,859+01 WARNING Exception: An error occurred while attempting to
connect to server ldap.lab.local:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server ldap.lab.local/192.168.16.114:389:  UnknownHostException(ldap.lab.local),
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58'))
2019-05-29 03:57:35,861+01 INFO    [ovirt-engine-extension-aaa-ldap.authz::profile2-authz]
Available Namespaces: [dc=lab,dc=local]
2019-05-29 03:57:35,861+01 INFO    Extension 'profile2-authz' initialized
2019-05-29 03:57:35,861+01 INFO    Initializing extension 'profile1-authz'
2019-05-29 03:57:35,862+01 INFO    [ovirt-engine-extension-aaa-ldap.authz::profile1-authz]
Creating LDAP pool 'authz'
2019-05-29 03:57:35,873+01 WARNING Exception: An error occurred while attempting to
connect to server 40.127.205.63:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server /40.127.205.63:389: 
IllegalArgumentException(trace='checkAddress(ResolverSocketFactory.java:35) /
createSocket(ResolverSocketFactory.java:73) / run(ConnectThread.java:139)',
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58)'))
2019-05-29 03:57:35,874+01 INFO    [ovirt-engine-extension-aaa-ldap.authz::profile1-authz]
Available Namespaces: [dc=sybase,dc=pt]
2019-05-29 03:57:35,874+01 INFO    Extension 'profile1-authz' initialized
2019-05-29 03:57:35,874+01 INFO    Initializing extension 'profile1-authn'
2019-05-29 03:57:35,875+01 INFO    [ovirt-engine-extension-aaa-ldap.authn::profile1-authn]
Creating LDAP pool 'authz'
2019-05-29 03:57:35,888+01 WARNING Exception: An error occurred while attempting to
connect to server 40.127.205.63:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server /40.127.205.63:389: 
IllegalArgumentException(trace='checkAddress(ResolverSocketFactory.java:35) /
createSocket(ResolverSocketFactory.java:73) / run(ConnectThread.java:139)',
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58)'))
2019-05-29 03:57:35,889+01 INFO    [ovirt-engine-extension-aaa-ldap.authn::profile1-authn]
Creating LDAP pool 'authn'
2019-05-29 03:57:35,894+01 WARNING Exception: An error occurred while attempting to
connect to server 40.127.205.63:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server /40.127.205.63:389: 
IllegalArgumentException(trace='checkAddress(ResolverSocketFactory.java:35) /
createSocket(ResolverSocketFactory.java:73) / run(ConnectThread.java:139)',
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58)'))
2019-05-29 03:57:35,894+01 INFO    Extension 'profile1-authn' initialized
2019-05-29 03:57:35,894+01 INFO    Initializing extension 'profile2-authn'
2019-05-29 03:57:35,895+01 INFO    [ovirt-engine-extension-aaa-ldap.authn::profile2-authn]
Creating LDAP pool 'authz'
^C2019-05-29 03:57:35,906+01 WARNING Exception: An error occurred while attempting to
connect to server ldap.lab.local:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server ldap.lab.local/192.168.16.114:389:  UnknownHostException(ldap.lab.local),
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58'))
2019-05-29 03:57:35,907+01 INFO    [ovirt-engine-extension-aaa-ldap.authn::profile2-authn]
Creating LDAP pool 'authn'
[root@ovirt ~]# ovirt-engine-extensions-tool aaa login-user --profile=lab.local
--user-name=node1
2019-05-29 03:57:41,227+01 INFO   
========================================================================
2019-05-29 03:57:41,259+01 INFO    ============================ Initialization
============================
2019-05-29 03:57:41,260+01 INFO   
========================================================================
2019-05-29 03:57:41,311+01 INFO    Loading extension 'internal-authz'
2019-05-29 03:57:41,331+01 INFO    Extension 'internal-authz' loaded
2019-05-29 03:57:41,333+01 INFO    Loading extension 'internal-authn'
2019-05-29 03:57:41,334+01 INFO    Extension 'internal-authn' loaded
2019-05-29 03:57:41,345+01 INFO    Loading extension 'profile2-authz'
2019-05-29 03:57:41,508+01 INFO    Extension 'profile2-authz' loaded
2019-05-29 03:57:41,510+01 INFO    Loading extension 'profile1-authz'
2019-05-29 03:57:41,551+01 INFO    Extension 'profile1-authz' loaded
2019-05-29 03:57:41,552+01 INFO    Loading extension 'profile1-authn'
2019-05-29 03:57:41,562+01 INFO    Extension 'profile1-authn' loaded
2019-05-29 03:57:41,564+01 INFO    Loading extension 'profile2-authn'
2019-05-29 03:57:41,602+01 INFO    Extension 'profile2-authn' loaded
2019-05-29 03:57:41,602+01 INFO    Initializing extension 'internal-authz'
2019-05-29 03:57:41,782+01 INFO    Extension 'internal-authz' initialized
2019-05-29 03:57:41,783+01 INFO    Initializing extension 'internal-authn'
2019-05-29 03:57:41,800+01 INFO    Extension 'internal-authn' initialized
2019-05-29 03:57:41,801+01 INFO    Initializing extension 'profile2-authz'
2019-05-29 03:57:41,801+01 INFO    [ovirt-engine-extension-aaa-ldap.authz::profile2-authz]
Creating LDAP pool 'authz'
2019-05-29 03:57:41,885+01 WARNING Exception: An error occurred while attempting to
connect to server ldap.lab.local:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server ldap.lab.local/192.168.16.114:389:  UnknownHostException(ldap.lab.local),
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58'))
2019-05-29 03:57:41,886+01 INFO    [ovirt-engine-extension-aaa-ldap.authz::profile2-authz]
Available Namespaces: [dc=lab,dc=local]
2019-05-29 03:57:41,887+01 INFO    Extension 'profile2-authz' initialized
2019-05-29 03:57:41,887+01 INFO    Initializing extension 'profile1-authz'
2019-05-29 03:57:41,887+01 INFO    [ovirt-engine-extension-aaa-ldap.authz::profile1-authz]
Creating LDAP pool 'authz'
2019-05-29 03:57:41,901+01 WARNING Exception: An error occurred while attempting to
connect to server 40.127.205.63:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server /40.127.205.63:389: 
IllegalArgumentException(trace='checkAddress(ResolverSocketFactory.java:35) /
createSocket(ResolverSocketFactory.java:73) / run(ConnectThread.java:139)',
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58)'))
2019-05-29 03:57:41,901+01 INFO    [ovirt-engine-extension-aaa-ldap.authz::profile1-authz]
Available Namespaces: [dc=sybase,dc=pt]
2019-05-29 03:57:41,902+01 INFO    Extension 'profile1-authz' initialized
2019-05-29 03:57:41,902+01 INFO    Initializing extension 'profile1-authn'
2019-05-29 03:57:41,902+01 INFO    [ovirt-engine-extension-aaa-ldap.authn::profile1-authn]
Creating LDAP pool 'authz'
2019-05-29 03:57:41,909+01 WARNING Exception: An error occurred while attempting to
connect to server 40.127.205.63:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server /40.127.205.63:389: 
IllegalArgumentException(trace='checkAddress(ResolverSocketFactory.java:35) /
createSocket(ResolverSocketFactory.java:73) / run(ConnectThread.java:139)',
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58)'))
2019-05-29 03:57:41,910+01 INFO    [ovirt-engine-extension-aaa-ldap.authn::profile1-authn]
Creating LDAP pool 'authn'
2019-05-29 03:57:41,915+01 WARNING Exception: An error occurred while attempting to
connect to server 40.127.205.63:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server /40.127.205.63:389: 
IllegalArgumentException(trace='checkAddress(ResolverSocketFactory.java:35) /
createSocket(ResolverSocketFactory.java:73) / run(ConnectThread.java:139)',
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58)'))
2019-05-29 03:57:41,916+01 INFO    Extension 'profile1-authn' initialized
2019-05-29 03:57:41,916+01 INFO    Initializing extension 'profile2-authn'
2019-05-29 03:57:41,917+01 INFO    [ovirt-engine-extension-aaa-ldap.authn::profile2-authn]
Creating LDAP pool 'authz'
2019-05-29 03:57:41,962+01 WARNING Exception: An error occurred while attempting to
connect to server ldap.lab.local:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server ldap.lab.local/192.168.16.114:389:  UnknownHostException(ldap.lab.local),
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58'))
2019-05-29 03:57:41,963+01 INFO    [ovirt-engine-extension-aaa-ldap.authn::profile2-authn]
Creating LDAP pool 'authn'
2019-05-29 03:57:42,010+01 WARNING Exception: An error occurred while attempting to
connect to server ldap.lab.local:389:  IOException(LDAPException(resultCode=91 (connect
error), errorMessage='An error occurred while attempting to establish a connection to
server ldap.lab.local/192.168.16.114:389:  UnknownHostException(ldap.lab.local),
ldapSDKVersion=4.0.5, revision=b28fb50058dfe2864171df2448ad2ad2b4c2ad58'))
2019-05-29 03:57:42,011+01 INFO    Extension 'profile2-authn' initialized
2019-05-29 03:57:42,011+01 INFO    Start of enabled extensions list
2019-05-29 03:57:42,012+01 INFO    Instance name: 'internal-authn', Extension
name: '"ovirt-engine-extension-aaa-jdbc".authn', Version:
'"1.1.7_master"', Notes: 'Display name:
"ovirt-engine-extension-aaa-jdbc"', License: 'ASL 2.0', Home:
'http://www.ovirt.org', Author 'The oVirt Project', Build interface
Version: '0',  File:
'/etc/ovirt-engine/extensions.d/internal-authn.properties', Initialized:
'true'
2019-05-29 03:57:42,013+01 INFO    Instance name: 'profile1-authn', Extension
name: 'ovirt-engine-extension-aaa-ldap.authn', Version: '1.3.8', Notes:
'Display name: ovirt-engine-extension-aaa-ldap-1.3.8-1.el7', License: 'ASL
2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build
interface Version: '0',  File:
'/etc/ovirt-engine/extensions.d/profile1-authn.properties', Initialized:
'true'
2019-05-29 03:57:42,013+01 INFO    Instance name: 'profile2-authz', Extension
name: 'ovirt-engine-extension-aaa-ldap.authz', Version: '1.3.8', Notes:
'Display name: ovirt-engine-extension-aaa-ldap-1.3.8-1.el7', License: 'ASL
2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build
interface Version: '0',  File:
'/etc/ovirt-engine/extensions.d/profile2-authz.properties', Initialized:
'true'
2019-05-29 03:57:42,014+01 INFO    Instance name: 'internal-authz', Extension
name: '"ovirt-engine-extension-aaa-jdbc".authz', Version:
'"1.1.7_master"', Notes: 'Display name:
"ovirt-engine-extension-aaa-jdbc"', License: 'ASL 2.0', Home:
'http://www.ovirt.org', Author 'The oVirt Project', Build interface
Version: '0',  File:
'/etc/ovirt-engine/extensions.d/internal-authz.properties', Initialized:
'true'
2019-05-29 03:57:42,014+01 INFO    Instance name: 'profile1-authz', Extension
name: 'ovirt-engine-extension-aaa-ldap.authz', Version: '1.3.8', Notes:
'Display name: ovirt-engine-extension-aaa-ldap-1.3.8-1.el7', License: 'ASL
2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build
interface Version: '0',  File:
'/etc/ovirt-engine/extensions.d/profile1-authz.properties', Initialized:
'true'
2019-05-29 03:57:42,014+01 INFO    Instance name: 'profile2-authn', Extension
name: 'ovirt-engine-extension-aaa-ldap.authn', Version: '1.3.8', Notes:
'Display name: ovirt-engine-extension-aaa-ldap-1.3.8-1.el7', License: 'ASL
2.0', Home: 'http://www.ovirt.org', Author 'The oVirt Project', Build
interface Version: '0',  File:
'/etc/ovirt-engine/extensions.d/profile2-authn.properties', Initialized:
'true'
2019-05-29 03:57:42,014+01 INFO    End of enabled extensions list
2019-05-29 03:57:42,014+01 INFO   
========================================================================
2019-05-29 03:57:42,014+01 INFO    ============================== Execution
===============================
2019-05-29 03:57:42,015+01 INFO   
========================================================================
2019-05-29 03:57:42,015+01 INFO    Iteration: 0
2019-05-29 03:57:42,018+01 INFO    Profile='lab.local'
authn='profile2-authn' authz='profile2-authz' mapping='null'
2019-05-29 03:57:42,018+01 INFO    API:
-->Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='lab.local'
user='node1'
Password: 
2019-05-29 03:57:45,905+01 WARNING Ignoring records from pool: 'authz'
2019-05-29 03:57:45,906+01 INFO    API:
<--Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='lab.local'
result=CREDENTIALS_INVALID
2019-05-29 03:57:45,922+01 SEVERE  Authn.Result code is: CREDENTIALS_INVALID

- ldapsearch -x -h 192.168.16.114 -b "dc=ldap,dc=local" -D
"cn=ldapadm,dc=lab,dc=local" -W

Enter LDAP Password: 
# extended LDIF
#
# LDAPv3
# base <dc=ldap,dc=local> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# search result
search: 2
result: 32 No such object

# numResponses: 1

- [root@ovirt ~]# cat /etc/ovirt-engine/aaa/profile2.properties 
#
# Select one
#
include = <openldap.properties>
#include = <389ds.properties>
#include = <rhds.properties>
#include = <ipa.properties>
#include = <iplanet.properties>
#include = <rfc2307-389ds.properties>
#include = <rfc2307-rhds.properties>
#include = <rfc2307-openldap.properties>
#include = <rfc2307-edir.properties>
#include = <rfc2307-generic.properties>

#
# Server
#
vars.server = ldap.lab.local

#
# Search user and its password.
#
vars.user = ou=People,dc=lab,dc=local
vars.password = abc

# Uncomment in case you don't have allowed anonymous bind,
# because we use anonymous bind for authn pool:
pool.default.auth.type = simple

pool.default.serverset.srvrecord.service = ldap
pool.default.serverset.srvrecord.protocol = tcp

pool.default.serverset.single.server = ${global:vars.server}
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
#pool.default.ssl.startTLS = false
#pool.default.socketfactory.type = java

sequence-init.init.100-my-basedn-init-vars = my-basedn-init-vars
sequence.my-basedn-init-vars.010.description = set baseDN
sequence.my-basedn-init-vars.010.type = var-set
sequence.my-basedn-init-vars.010.var-set.variable = simple_baseDN
sequence.my-basedn-init-vars.010.var-set.value = dc=lab,dc=local
search.default.search-request.derefPolicy = ALWAYS
# Create keystore, import root certificate and uncomment
# if using ssl/tls.
#pool.default.ssl.startTLS = true
#pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.server}.jks
#pool.default.ssl.truststore.password = changeit

- [root@ovirt ~]# cat /etc/ovirt-engine/extensions.d/profile2-authn.properties 
ovirt.engine.extension.name = profile2-authn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name = lab.local
ovirt.engine.aaa.authn.authz.plugin = profile2-authz
config.profile.file.1 = /etc/ovirt-engine/aaa/profile2.properties
config.globals.baseDN.simple_baseDN = ou=People,dc=lab,dc=local

- [root@ovirt ~]# cat /etc/ovirt-engine/extensions.d/profile2-authz.properties 
ovirt.engine.extension.name = profile2-authz
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 = /etc/ovirt-engine/aaa/profile2.properties
config.globals.baseDN.simple_baseDN = ou=People,dc=lab,dc=local

Thanks all for the help!

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

[ovirt-users] Ovirt-egine integration with OpenLDAP can't seem to find any users on Web-UI