On 05/31/2016 03:29 PM, Alexis HAUSER wrote:
> Until administrators will fix AD servers, in order to use SSL you
can
> temporarily use following setup:
> pool.default.serverset.single.server = AD1
> pool.default.dc-resolve.enable = false
> pool.default.ssl.startTLS = true
> But this is only temporary solution and you should switch back to
> 'srvrecord' until AD is fixed.
Thank you, this actually works. Yes, I'll remove it as soon as possible.
Now with RHEV + AD, it seems better than RHEV + LDAP for groups : it finds most of the
groups a user belongs to. RHEV + LDAP is only able to find one group a user belongs to
(which is not the same group found when I search the same user with ldapsearch...Still not
able to solve that mystery....)
That's very strange, we test it and it works for us. But you said you
use more namingContexts
than one, right? It could be the problem as we support only one.
By the way, how would you change the default password associated with the .jks
certificate automatically generated from the interactive setup ?
Run this command:
$ keytool -storepasswd -keystore /path/to/jks/x.jks
It will ask you for old and new password.