From Ernest.Beinrohr at axonpro.sk Fri Dec  6 02:42:25 2013
Content-Type: multipart/mixed; boundary="===============5434127314815340181=="
MIME-Version: 1.0
From: Ernest Beinrohr <Ernest.Beinrohr at axonpro.sk>
To: users at ovirt.org
Subject: Re: [Users] External authentication
Date: Fri, 06 Dec 2013 08:42:04 +0100
Message-ID: <52A17FCC.1050701@axonpro.sk>
In-Reply-To: 996213093.12637558.1386315264349.JavaMail.root@redhat.com

--===============5434127314815340181==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

This is a multi-part message in MIME format.
--------------070205010508040103090806
Content-Type: text/plain; charset=3DISO-8859-1; format=3Dflowed
Content-Transfer-Encoding: 8bit

Dn(a 06.12.2013 08:34, Yair Zaslavsky wrote / nap=C3=ADsal(a):
>
> ----- Original Message -----
>> From: "Maurice James" <midnightsteel(a)msn.com>
>> To: users(a)ovirt.org
>> Sent: Friday, December 6, 2013 3:13:34 AM
>> Subject: [Users] External authentication
>>
>> Does anyone know how to get external authentication to 389-ds "without"
>> Kerberos support. I am quite happy with LDAPS and would prefer not to
>> introduce more complexity.
> No option at the moment,
> Juan Hernandez (CC'ed) is working on authentication refactor that will al=
low developing authentication "plugins" in an easier manner (and also will =
break the tight coupling between authentication and directory services info=
rmation retrieval)

Just confirming our interest in ldap without kerberos.
-- =

Ernest Beinrohr, AXON PRO
DevOps, Ing <http://www.beinrohr.sk/ing.php>, RHCE =

<http://www.beinrohr.sk/rhce.php>, RHCVA =

<http://www.beinrohr.sk/rhce.php>, LPIC =

<http://www.beinrohr.sk/lpic.php>, VCA <http://www.beinrohr.sk/vca.php>, =

+421-2--6241-0360 <callto://+421-2--6241-0360>, +421-903--482-603 =

<callto://+421-903--482-603>
icq:28153343, skype:oernii-work <callto://oernii-work>, =

jabber:oernii(a)jabber.org
------------------------------------------------------------------------
"For a successful technology, reality must take precedence over public =

relations, for Nature cannot be fooled." Richard Feynman

--------------070205010508040103090806
Content-Type: text/html; charset=3DISO-8859-1
Content-Transfer-Encoding: 7bit

<html>
  <head>
    <meta content=3D"text/html; charset=3DISO-8859-1"
      http-equiv=3D"Content-Type">
  </head>
  <body bgcolor=3D"#FFFFFF" text=3D"#000000">
    <div class=3D"moz-cite-prefix">D&#328;a 06.12.2013 08:34, Yair Zaslavsky
      wrote / nap&iacute;sal(a):<br>
    </div>
    <blockquote
      cite=3D"mid:996213093.12637558.1386315264349.JavaMail.root(a)redhat.c=
om"
      type=3D"cite">
      <pre wrap=3D"">

----- Original Message -----
</pre>
      <blockquote type=3D"cite">
        <pre wrap=3D"">From: "Maurice James" <a class=3D"moz-txt-link-rfc23=
96E" href=3D"mailto:midnightsteel(a)msn.com">&lt;midnightsteel(a)msn.com&gt=
;</a>
To: <a class=3D"moz-txt-link-abbreviated" href=3D"mailto:users(a)ovirt.org"=
>users(a)ovirt.org</a>
Sent: Friday, December 6, 2013 3:13:34 AM
Subject: [Users] External authentication

Does anyone know how to get external authentication to 389-ds "without"
Kerberos support. I am quite happy with LDAPS and would prefer not to
introduce more complexity.
</pre>
      </blockquote>
      <pre wrap=3D"">
No option at the moment, =

Juan Hernandez (CC'ed) is working on authentication refactor that will allo=
w developing authentication "plugins" in an easier manner (and also will br=
eak the tight coupling between authentication and directory services inform=
ation retrieval)
</pre>
    </blockquote>
    <br>
    Just confirming our interest in ldap without kerberos.<br>
    <div class=3D"moz-signature">-- <br>
      <div id=3D"oernii_footer" style=3D"color: gray;">
        <span style=3D"font-family: Lucida Console, Luxi Mono, Courier,
          monospace; font-size: 90%;">
          Ernest Beinrohr, AXON PRO<br>
          DevOps,
          <a style=3D"text-decoration: none; color: gray;"
            href=3D"http://www.beinrohr.sk/ing.php">Ing</a>, <a
            style=3D"text-decoration: none; color: gray;"
            href=3D"http://www.beinrohr.sk/rhce.php">RHCE</a>, <a
            style=3D"text-decoration: none; color: gray;"
            href=3D"http://www.beinrohr.sk/rhce.php">RHCVA</a>, <a
            style=3D"text-decoration: none; color: gray;"
            href=3D"http://www.beinrohr.sk/lpic.php">LPIC</a>, <a
            style=3D"text-decoration: none; color: gray;"
            href=3D"http://www.beinrohr.sk/vca.php">VCA</a>, <a
            style=3D"text-decoration: none; color: gray;"
            href=3D"callto://+421-2--6241-0360">+421-2--6241-0360</a>, <a
            style=3D"text-decoration: none; color: gray;"
            href=3D"callto://+421-903--482-603">+421-903--482-603</a><br>
          icq:28153343, <a style=3D"text-decoration: none; color: gray;"
            href=3D"callto://oernii-work">skype:oernii-work</a>,
          <a class=3D"moz-txt-link-abbreviated" href=3D"mailto:jabber:oerni=
i(a)jabber.org">jabber:oernii(a)jabber.org</a>
          <br>
        </span>
        <hr style=3D"height: 1px; width: 95%"> <span style=3D"font-size:
          70%;">
          &#8220;For a successful technology, reality must take precedence
          over public relations, for Nature cannot be fooled.&#8221; Richard
          Feynman </span> </div>
    </div>
    <img
      src=3D"http://nojsstats.appspot.com/UA-44497096-1/email.beinrohr.sk"
      moz-do-not-send=3D"true" border=3D"0" height=3D"1" width=3D"1">
  </body>
</html>

--------------070205010508040103090806--

--===============5434127314815340181==
Content-Type: multipart/alternative
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="attachment.bin"

VGhpcyBpcyBhIG11bHRpLXBhcnQgbWVzc2FnZSBpbiBNSU1FIGZvcm1hdC4KLS0tLS0tLS0tLS0t
LS0wNzAyMDUwMTA1MDgwNDAxMDMwOTA4MDYKQ29udGVudC1UeXBlOiB0ZXh0L3BsYWluOyBjaGFy
c2V0PUlTTy04ODU5LTE7IGZvcm1hdD1mbG93ZWQKQ29udGVudC1UcmFuc2Zlci1FbmNvZGluZzog
OGJpdAoKRG4oYSAwNi4xMi4yMDEzIDA4OjM0LCBZYWlyIFphc2xhdnNreSB3cm90ZSAvIG5hcO1z
YWwoYSk6Cj4KPiAtLS0tLSBPcmlnaW5hbCBNZXNzYWdlIC0tLS0tCj4+IEZyb206ICJNYXVyaWNl
IEphbWVzIiA8bWlkbmlnaHRzdGVlbEBtc24uY29tPgo+PiBUbzogdXNlcnNAb3ZpcnQub3JnCj4+
IFNlbnQ6IEZyaWRheSwgRGVjZW1iZXIgNiwgMjAxMyAzOjEzOjM0IEFNCj4+IFN1YmplY3Q6IFtV
c2Vyc10gRXh0ZXJuYWwgYXV0aGVudGljYXRpb24KPj4KPj4gRG9lcyBhbnlvbmUga25vdyBob3cg
dG8gZ2V0IGV4dGVybmFsIGF1dGhlbnRpY2F0aW9uIHRvIDM4OS1kcyAid2l0aG91dCIKPj4gS2Vy
YmVyb3Mgc3VwcG9ydC4gSSBhbSBxdWl0ZSBoYXBweSB3aXRoIExEQVBTIGFuZCB3b3VsZCBwcmVm
ZXIgbm90IHRvCj4+IGludHJvZHVjZSBtb3JlIGNvbXBsZXhpdHkuCj4gTm8gb3B0aW9uIGF0IHRo
ZSBtb21lbnQsCj4gSnVhbiBIZXJuYW5kZXogKENDJ2VkKSBpcyB3b3JraW5nIG9uIGF1dGhlbnRp
Y2F0aW9uIHJlZmFjdG9yIHRoYXQgd2lsbCBhbGxvdyBkZXZlbG9waW5nIGF1dGhlbnRpY2F0aW9u
ICJwbHVnaW5zIiBpbiBhbiBlYXNpZXIgbWFubmVyIChhbmQgYWxzbyB3aWxsIGJyZWFrIHRoZSB0
aWdodCBjb3VwbGluZyBiZXR3ZWVuIGF1dGhlbnRpY2F0aW9uIGFuZCBkaXJlY3Rvcnkgc2Vydmlj
ZXMgaW5mb3JtYXRpb24gcmV0cmlldmFsKQoKSnVzdCBjb25maXJtaW5nIG91ciBpbnRlcmVzdCBp
biBsZGFwIHdpdGhvdXQga2VyYmVyb3MuCi0tIApFcm5lc3QgQmVpbnJvaHIsIEFYT04gUFJPCkRl
dk9wcywgSW5nIDxodHRwOi8vd3d3LmJlaW5yb2hyLnNrL2luZy5waHA+LCBSSENFIAo8aHR0cDov
L3d3dy5iZWlucm9oci5zay9yaGNlLnBocD4sIFJIQ1ZBIAo8aHR0cDovL3d3dy5iZWlucm9oci5z
ay9yaGNlLnBocD4sIExQSUMgCjxodHRwOi8vd3d3LmJlaW5yb2hyLnNrL2xwaWMucGhwPiwgVkNB
IDxodHRwOi8vd3d3LmJlaW5yb2hyLnNrL3ZjYS5waHA+LCAKKzQyMS0yLS02MjQxLTAzNjAgPGNh
bGx0bzovLys0MjEtMi0tNjI0MS0wMzYwPiwgKzQyMS05MDMtLTQ4Mi02MDMgCjxjYWxsdG86Ly8r
NDIxLTkwMy0tNDgyLTYwMz4KaWNxOjI4MTUzMzQzLCBza3lwZTpvZXJuaWktd29yayA8Y2FsbHRv
Oi8vb2VybmlpLXdvcms+LCAKamFiYmVyOm9lcm5paUBqYWJiZXIub3JnCi0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LQoiRm9yIGEgc3VjY2Vzc2Z1bCB0ZWNobm9sb2d5LCByZWFsaXR5IG11c3QgdGFrZSBwcmVjZWRl
bmNlIG92ZXIgcHVibGljIApyZWxhdGlvbnMsIGZvciBOYXR1cmUgY2Fubm90IGJlIGZvb2xlZC4i
IFJpY2hhcmQgRmV5bm1hbgoKLS0tLS0tLS0tLS0tLS0wNzAyMDUwMTA1MDgwNDAxMDMwOTA4MDYK
Q29udGVudC1UeXBlOiB0ZXh0L2h0bWw7IGNoYXJzZXQ9SVNPLTg4NTktMQpDb250ZW50LVRyYW5z
ZmVyLUVuY29kaW5nOiA3Yml0Cgo8aHRtbD4KICA8aGVhZD4KICAgIDxtZXRhIGNvbnRlbnQ9InRl
eHQvaHRtbDsgY2hhcnNldD1JU08tODg1OS0xIgogICAgICBodHRwLWVxdWl2PSJDb250ZW50LVR5
cGUiPgogIDwvaGVhZD4KICA8Ym9keSBiZ2NvbG9yPSIjRkZGRkZGIiB0ZXh0PSIjMDAwMDAwIj4K
ICAgIDxkaXYgY2xhc3M9Im1vei1jaXRlLXByZWZpeCI+RCYjMzI4O2EgMDYuMTIuMjAxMyAwODoz
NCwgWWFpciBaYXNsYXZza3kKICAgICAgd3JvdGUgLyBuYXAmaWFjdXRlO3NhbChhKTo8YnI+CiAg
ICA8L2Rpdj4KICAgIDxibG9ja3F1b3RlCiAgICAgIGNpdGU9Im1pZDo5OTYyMTMwOTMuMTI2Mzc1
NTguMTM4NjMxNTI2NDM0OS5KYXZhTWFpbC5yb290QHJlZGhhdC5jb20iCiAgICAgIHR5cGU9ImNp
dGUiPgogICAgICA8cHJlIHdyYXA9IiI+CgotLS0tLSBPcmlnaW5hbCBNZXNzYWdlIC0tLS0tCjwv
cHJlPgogICAgICA8YmxvY2txdW90ZSB0eXBlPSJjaXRlIj4KICAgICAgICA8cHJlIHdyYXA9IiI+
RnJvbTogIk1hdXJpY2UgSmFtZXMiIDxhIGNsYXNzPSJtb3otdHh0LWxpbmstcmZjMjM5NkUiIGhy
ZWY9Im1haWx0bzptaWRuaWdodHN0ZWVsQG1zbi5jb20iPiZsdDttaWRuaWdodHN0ZWVsQG1zbi5j
b20mZ3Q7PC9hPgpUbzogPGEgY2xhc3M9Im1vei10eHQtbGluay1hYmJyZXZpYXRlZCIgaHJlZj0i
bWFpbHRvOnVzZXJzQG92aXJ0Lm9yZyI+dXNlcnNAb3ZpcnQub3JnPC9hPgpTZW50OiBGcmlkYXks
IERlY2VtYmVyIDYsIDIwMTMgMzoxMzozNCBBTQpTdWJqZWN0OiBbVXNlcnNdIEV4dGVybmFsIGF1
dGhlbnRpY2F0aW9uCgpEb2VzIGFueW9uZSBrbm93IGhvdyB0byBnZXQgZXh0ZXJuYWwgYXV0aGVu
dGljYXRpb24gdG8gMzg5LWRzICJ3aXRob3V0IgpLZXJiZXJvcyBzdXBwb3J0LiBJIGFtIHF1aXRl
IGhhcHB5IHdpdGggTERBUFMgYW5kIHdvdWxkIHByZWZlciBub3QgdG8KaW50cm9kdWNlIG1vcmUg
Y29tcGxleGl0eS4KPC9wcmU+CiAgICAgIDwvYmxvY2txdW90ZT4KICAgICAgPHByZSB3cmFwPSIi
PgpObyBvcHRpb24gYXQgdGhlIG1vbWVudCwgCkp1YW4gSGVybmFuZGV6IChDQydlZCkgaXMgd29y
a2luZyBvbiBhdXRoZW50aWNhdGlvbiByZWZhY3RvciB0aGF0IHdpbGwgYWxsb3cgZGV2ZWxvcGlu
ZyBhdXRoZW50aWNhdGlvbiAicGx1Z2lucyIgaW4gYW4gZWFzaWVyIG1hbm5lciAoYW5kIGFsc28g
d2lsbCBicmVhayB0aGUgdGlnaHQgY291cGxpbmcgYmV0d2VlbiBhdXRoZW50aWNhdGlvbiBhbmQg
ZGlyZWN0b3J5IHNlcnZpY2VzIGluZm9ybWF0aW9uIHJldHJpZXZhbCkKPC9wcmU+CiAgICA8L2Js
b2NrcXVvdGU+CiAgICA8YnI+CiAgICBKdXN0IGNvbmZpcm1pbmcgb3VyIGludGVyZXN0IGluIGxk
YXAgd2l0aG91dCBrZXJiZXJvcy48YnI+CiAgICA8ZGl2IGNsYXNzPSJtb3otc2lnbmF0dXJlIj4t
LSA8YnI+CiAgICAgIDxkaXYgaWQ9Im9lcm5paV9mb290ZXIiIHN0eWxlPSJjb2xvcjogZ3JheTsi
PgogICAgICAgIDxzcGFuIHN0eWxlPSJmb250LWZhbWlseTogTHVjaWRhIENvbnNvbGUsIEx1eGkg
TW9ubywgQ291cmllciwKICAgICAgICAgIG1vbm9zcGFjZTsgZm9udC1zaXplOiA5MCU7Ij4KICAg
ICAgICAgIEVybmVzdCBCZWlucm9ociwgQVhPTiBQUk88YnI+CiAgICAgICAgICBEZXZPcHMsCiAg
ICAgICAgICA8YSBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lOyBjb2xvcjogZ3JheTsiCiAg
ICAgICAgICAgIGhyZWY9Imh0dHA6Ly93d3cuYmVpbnJvaHIuc2svaW5nLnBocCI+SW5nPC9hPiwg
PGEKICAgICAgICAgICAgc3R5bGU9InRleHQtZGVjb3JhdGlvbjogbm9uZTsgY29sb3I6IGdyYXk7
IgogICAgICAgICAgICBocmVmPSJodHRwOi8vd3d3LmJlaW5yb2hyLnNrL3JoY2UucGhwIj5SSENF
PC9hPiwgPGEKICAgICAgICAgICAgc3R5bGU9InRleHQtZGVjb3JhdGlvbjogbm9uZTsgY29sb3I6
IGdyYXk7IgogICAgICAgICAgICBocmVmPSJodHRwOi8vd3d3LmJlaW5yb2hyLnNrL3JoY2UucGhw
Ij5SSENWQTwvYT4sIDxhCiAgICAgICAgICAgIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IG5vbmU7
IGNvbG9yOiBncmF5OyIKICAgICAgICAgICAgaHJlZj0iaHR0cDovL3d3dy5iZWlucm9oci5zay9s
cGljLnBocCI+TFBJQzwvYT4sIDxhCiAgICAgICAgICAgIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246
IG5vbmU7IGNvbG9yOiBncmF5OyIKICAgICAgICAgICAgaHJlZj0iaHR0cDovL3d3dy5iZWlucm9o
ci5zay92Y2EucGhwIj5WQ0E8L2E+LCA8YQogICAgICAgICAgICBzdHlsZT0idGV4dC1kZWNvcmF0
aW9uOiBub25lOyBjb2xvcjogZ3JheTsiCiAgICAgICAgICAgIGhyZWY9ImNhbGx0bzovLys0MjEt
Mi0tNjI0MS0wMzYwIj4rNDIxLTItLTYyNDEtMDM2MDwvYT4sIDxhCiAgICAgICAgICAgIHN0eWxl
PSJ0ZXh0LWRlY29yYXRpb246IG5vbmU7IGNvbG9yOiBncmF5OyIKICAgICAgICAgICAgaHJlZj0i
Y2FsbHRvOi8vKzQyMS05MDMtLTQ4Mi02MDMiPis0MjEtOTAzLS00ODItNjAzPC9hPjxicj4KICAg
ICAgICAgIGljcToyODE1MzM0MywgPGEgc3R5bGU9InRleHQtZGVjb3JhdGlvbjogbm9uZTsgY29s
b3I6IGdyYXk7IgogICAgICAgICAgICBocmVmPSJjYWxsdG86Ly9vZXJuaWktd29yayI+c2t5cGU6
b2VybmlpLXdvcms8L2E+LAogICAgICAgICAgPGEgY2xhc3M9Im1vei10eHQtbGluay1hYmJyZXZp
YXRlZCIgaHJlZj0ibWFpbHRvOmphYmJlcjpvZXJuaWlAamFiYmVyLm9yZyI+amFiYmVyOm9lcm5p
aUBqYWJiZXIub3JnPC9hPgogICAgICAgICAgPGJyPgogICAgICAgIDwvc3Bhbj4KICAgICAgICA8
aHIgc3R5bGU9ImhlaWdodDogMXB4OyB3aWR0aDogOTUlIj4gPHNwYW4gc3R5bGU9ImZvbnQtc2l6
ZToKICAgICAgICAgIDcwJTsiPgogICAgICAgICAgJiM4MjIwO0ZvciBhIHN1Y2Nlc3NmdWwgdGVj
aG5vbG9neSwgcmVhbGl0eSBtdXN0IHRha2UgcHJlY2VkZW5jZQogICAgICAgICAgb3ZlciBwdWJs
aWMgcmVsYXRpb25zLCBmb3IgTmF0dXJlIGNhbm5vdCBiZSBmb29sZWQuJiM4MjIxOyBSaWNoYXJk
CiAgICAgICAgICBGZXlubWFuIDwvc3Bhbj4gPC9kaXY+CiAgICA8L2Rpdj4KICAgIDxpbWcKICAg
ICAgc3JjPSJodHRwOi8vbm9qc3N0YXRzLmFwcHNwb3QuY29tL1VBLTQ0NDk3MDk2LTEvZW1haWwu
YmVpbnJvaHIuc2siCiAgICAgIG1vei1kby1ub3Qtc2VuZD0idHJ1ZSIgYm9yZGVyPSIwIiBoZWln
aHQ9IjEiIHdpZHRoPSIxIj4KICA8L2JvZHk+CjwvaHRtbD4KCi0tLS0tLS0tLS0tLS0tMDcwMjA1
MDEwNTA4MDQwMTAzMDkwODA2LS0K

--===============5434127314815340181==--