----- Original Message -----
šFrom: "Jorick Astrego" <j.astrego@netbulae.eu>
šTo: users@ovirt.org
šSent: Wednesday, April 15, 2015 1:30:29 PM
šSubject: Re: [ovirt-users] Disable admin@internal account
šOn 04/15/2015 12:08 PM, îÉËĎĚÁĹ× áĚĹËÓĹĘ wrote:
šHi community!
šThe Red_Hat_Enterprise_Virtualization-3.5-Administration_Guide says how to
šadd users from external directory.
šBut now i want to disable admin@internal account for security reasons and use
šit only for disaster recovery situations (or then ldaps servers not
šavailable). Can i do it?
šWhat are best practises for use only external directory?
šIf i delete admin@internal account can i add it again?
š_______________________________________________
šUsers mailing list Users@ovirt.org
šhttp://lists.ovirt.org/mailman/listinfo/users
šShould be possible last time I asked, see response below:
šSubject: Re: [ovirt-users] oVirt 3.5 and FreeIpa
šDate: Thu, 22 Jan 2015 06:59:52 -0500 (EST)
šFrom: Alon Bar-Lev <alonbl@redhat.com>
šTo: Jorick Astrego <j.astrego@netbulae.eu>
šCC: users@ovirt.org
š<snip>
šAlso can we get rid of the internal admin or better just disable internal
šauthenticationt without problems? As we have ipa we don't want local login
šenabled, but in emergency situations we might need to turn it on quickly.
šYes, you can disable the internal by creating
š/etc/ovirt-engine/engine.conf.d/50-disable-internal.conf
š---
šENGINE_EXTENSION_ENABLED_builtin-authn-internal = false
š---
šHmmm.... we have a bug in this case... will fix, so let's just disable the
šauthz for now.
š---
šENGINE_EXTENSION_ENABLED_internal = false
should work now properly using:
ENGINE_EXTENSION_ENABLED_builtin_authn_internal = false
_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users