below are the three files which I have modified. [root@cstlb2 extensions.d]# cat profile1-authn.properties ovirt.engine.extension.name = cloudspin-authn ovirt.engine.extension.bindings.method = jbossmodule ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthnExtension ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn ovirt.engine.aaa.authn.profile.name = cloudspin ovirt.engine.aaa.authn.authz.plugin = cloudspin-auth config.profile.file.1 = /etc/ovirt-engine/aaa/ldap1.properties [root@cstlb2 extensions.d]# ls profile1-authn.properties profile1-authz.properties [root@cstlb2 extensions.d]# cat profile1-authz.properties ovirt.engine.extension.name = cloudspin-authz ovirt.engine.extension.bindings.method = jbossmodule ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthzExtension ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz config.profile.file.1 = /etc/ovirt-engine/aaa/ldap1.properties [root@cstlb2 extensions.d]# [root@cstlb2 aaa]# pwd /etc/ovirt-engine/aaa [root@cstlb2 aaa]# ls ldap1.properties [root@cstlb2 aaa]# cat ldap1.properties # # Select one # include = <openldap.properties> #include = <389ds.properties> #include = <rhds.properties> #include = <ipa.properties> #include = <iplanet.properties> #include = <rfc2307.properties> #include = <rfc2307-openldap.properties> # # Server # vars.server = my.abc.net # # Search user and its password. # vars.user = uid=search,cn=nbudoor,cn=Departments,cn=Corporate,cn=Bangalore,cn=users,dc=nbudoor,dc=net vars.password = company pool.default.serverset.single.server = ${global:vars.server} pool.default.auth.simple.bindDN = ${global:vars.user} pool.default.auth.simple.password = ${global:vars.password} # Create keystore, import certificate chain and uncomment # if using ssl/tls. #pool.default.ssl.startTLS = true #pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.server}.jks #pool.default.ssl.truststore.password = changeit [root@cstlb2 aaa]# On Tue, Sep 22, 2015 at 8:07 PM, Alon Bar-Lev <alonbl@redhat.com> wrote:
----- Original Message -----
From: "Budur Nagaraju" <nbudoor@gmail.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: users@ovirt.org Sent: Tuesday, September 22, 2015 5:35:16 PM Subject: Re: [ovirt-users] LDAP Authentication
its too complicated ,you have any script or video ?
in 3.6 we have a setup script. for now:
cp -r /usr/share/ovirt-engine/examples/simple/. /etc/ovirt-engine/
this is written in the README.
then customize files at /etc/ovirt-engine/extnesions.d/* /etc/ovirt-engine/aaa/* to match your setup
On Tue, Sep 22, 2015 at 8:00 PM, Alon Bar-Lev <alonbl@redhat.com> wrote:
----- Original Message -----
From: "Budur Nagaraju" <nbudoor@gmail.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: users@ovirt.org Sent: Tuesday, September 22, 2015 5:24:36 PM Subject: Re: [ovirt-users] LDAP Authentication
HI Alon,
Below is the configuration which I have done ,but unable to search
the
users in UI can you pls help me ?
you need three files, see the /usr/share/ovirt-engine-extension-aaa-ldap/examples/simple
[root@cstlb2 aaa]# cat ldap1.properties # # Select one # include = <openldap.properties> #include = <389ds.properties> #include = <rhds.properties> #include = <ipa.properties> #include = <iplanet.properties> #include = <rfc2307.properties> #include = <rfc2307-openldap.properties>
# # Server # vars.server = my.abc.net
# # Search user and its password. # vars.user =
uid=search,cn=nbudoor,cn=Departments,cn=Corporate,cn=Bangalore,cn=users,dc=abc,dc=net
vars.password = company1
pool.default.serverset.single.server = ${global:vars.server} pool.default.auth.simple.bindDN = ${global:vars.user} pool.default.auth.simple.password = ${global:vars.password}
# Create keystore, import certificate chain and uncomment # if using ssl/tls. #pool.default.ssl.startTLS = true #pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.server}.jks #pool.default.ssl.truststore.password = changeit [root@cstlb2 aaa]#
On Tue, Sep 22, 2015 at 7:25 PM, Alon Bar-Lev <alonbl@redhat.com> wrote:
----- Original Message -----
From: "Budur Nagaraju" <nbudoor@gmail.com> To: users@ovirt.org Sent: Tuesday, September 22, 2015 4:34:46 PM Subject: [ovirt-users] LDAP Authentication
HI All,
Can someone help me in configuring LDAP authentication for Ovirt
?
Please review: http://www.ovirt.org/Features/AAA
https://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob...