This is a multi-part message in MIME format. --------------834EC06451ACB404FC8221BF Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Hi, Thank you very much. -- Thanks & Regards, Anantha Raghava eXza Technology Consulting & Services Do not print this e-mail unless required. Save Paper & trees. On Thursday 29 September 2016 11:43 AM, Ondra Machacek wrote:
Hi,
I would suggest you reading this:
https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/single...
And if you have doubt with anything you can ask here.
Ondra
On 09/28/2016 05:40 PM, Anantha Raghava wrote:
Hi,
I am able to add the user to oVirt and assign role. Just to test, I assigned one user as "super user" and I am able to login to Administrator Portal.
Need to read a bit more about roles and their predefined rights. Any suggestions in this regard?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 03:46 PM, Anantha Raghava wrote:
Hello Ondra,
It's working now. It browses though the directory and fetching the user / group details.
Thanks for your quick support.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 02:03 PM, Anantha Raghava wrote:
Thanks Ondra. Will check this & revert back.
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote:
Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one.
----- Anantha Raghava <raghav@exzatechconsulting.com> wrote:
Thanks for quick response Ondra.
Before I make another attempt to properly configure, can I re-execute the ovirt aaa ldap setup again without disturbing the current setup? Will that help me to correct the problem?
--
Thanks & Regards,
Anantha Raghava
eXza Technology Consulting & Services
Do not print this e-mail unless required. Save Paper & trees.
On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote: > ----- Anantha Raghava <raghav@exzatechconsulting.com> wrote: >> Hello Ondra >> >> Please find the attached file. I have also attached the setup >> log file. >> I find the errors & warnings there too. But I am unable to >> figure out >> what really went wrong. >> >> One more thing, while setting aaa-ldap extension, since it >> threw error >> on user DN, did not properly recognise, I used "anonymous", >> also did not >> perform the Login Test. Are these the root cause? > Yes, it is root cause. Active directory usually has anonymous > bind disabled. You can enter UPN instead of DN, if you want. In > your case it will be something like vdiadmin@rvce.in. Please > note that AD usually use CN attribute in DN, not uid attribute, > that may be the problem in your DN. >> -- >> >> Thanks & Regards, >> >> >> Anantha Raghava >> >> eXza Technology Consulting & Services >> >> >> >> Do not print this e-mail unless required. Save Paper & trees. >> >> On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: >>> On 09/28/2016 05:25 AM, Anantha Raghava wrote: >>>> Hi, >>>> >>>> I am trying to integrate the oVirt Engine with Active >>>> Directory to >>>> enable user logins. I installed the ovirt ldap extension and >>>> executed >>>> the setup. The process completed successfully and the profile >>>> is visible >>>> in engine log in page. >>> Most probably it wasn't successful, because as you can see in >>> screenshot there is no 'namespace', you should see there >>> something, if >>> configuration is correct. >>> >>> Can you please send output of the following command? >>> >>> $ ovirt-engine-extensions-tool --log-level=FINEST >>> --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz >>> >>> There should be some ERROR or WARN. >>> >>> Thanks. >>> >>>> Now, when I try to add the user and assign the roles, it is >>>> not allowing >>>> me to browse through the profile & the user list. Infact the >>>> "GO" button >>>> gets deactivated as shown in the screenshot. >>>> >>>> How do I set this right and get the user list? >>>> >>>> -- >>>> >>>> Thanks & Regards, >>>> >>>> >>>> Anantha Raghava >>>> >>>> eXza Technology Consulting & Services >>>> >>>> >>>> Do not print this e-mail unless required. Save Paper & trees. >>>> >>>> >>>> >>>> _______________________________________________ >>>> Users mailing list >>>> Users@ovirt.org >>>> http://lists.ovirt.org/mailman/listinfo/users >>>>
--------------834EC06451ACB404FC8221BF Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <p><font face="Liberation Serif">Hi,</font></p> <p><font face="Liberation Serif">Thank you very much.</font><br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> <meta name="generator" content="LibreOffice 5.0.3.2 (Linux)"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2016-01-05T17:20:50.677541300"> <meta name="created" content="00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:03:26.251763811"> <meta name="created" content="2015-02-21T00:00:00"> <meta name="changedby" content="Anantha Raghava"> <meta name="changed" content="2015-12-20T09:02:11.666821134"> <style type="text/css"> @page { margin: 2cm } p { margin-bottom: 0.25cm; color: #000000; line-height: 120% } address { color: #000000 } a:link { so-language: zxx } </style> <p>-- </p> <p style="margin-bottom: 0cm; line-height: 100%"><font face="Times New Roman, serif">Thanks & Regards,</font></p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> <address style="line-height: 100%"><font face="Times New Roman, serif">Anantha Raghava</font></address> <address style="line-height: 100%"><font face="Times New Roman, serif">eXza Technology Consulting & Services</font></address> <br> <p style="margin-bottom: 0cm; line-height: 100%"><font color="#66cc00"><font face="Times New Roman, serif">Do not print this e-mail unless required. Save Paper & trees.</font></font></p> </div> <div class="moz-cite-prefix">On Thursday 29 September 2016 11:43 AM, Ondra Machacek wrote:<br> </div> <blockquote cite="mid:80cf187f-df7d-8def-6862-60b06ddd1af1@redhat.com" type="cite">Hi, <br> <br> I would suggest you reading this: <br> <br> <br> <a class="moz-txt-link-freetext" href="https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/single/administration-guide/#sect-User_Authorization">https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/single/administration-guide/#sect-User_Authorization</a> <br> <br> And if you have doubt with anything you can ask here. <br> <br> Ondra <br> <br> On 09/28/2016 05:40 PM, Anantha Raghava wrote: <br> <blockquote type="cite">Hi, <br> <br> I am able to add the user to oVirt and assign role. Just to test, I <br> assigned one user as "super user" and I am able to login to <br> Administrator Portal. <br> <br> Need to read a bit more about roles and their predefined rights. Any <br> suggestions in this regard? <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 03:46 PM, Anantha Raghava wrote: <br> <blockquote type="cite"> <br> Hello Ondra, <br> <br> It's working now. It browses though the directory and fetching the <br> user / group details. <br> <br> Thanks for your quick support. <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 02:03 PM, Anantha Raghava wrote: <br> <blockquote type="cite"> <br> Thanks Ondra. Will check this & revert back. <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 02:02 PM, Ondra Machacek wrote: <br> <blockquote type="cite">Yes, you can. You can use different profile name and those setups can exist together, or you can you same name and the aaa-setup-tool will ask you if you want to override the existing one. <br> <br> ----- Anantha Raghava <a class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: <br> <blockquote type="cite">Thanks for quick response Ondra. <br> <br> Before I make another attempt to properly configure, can I re-execute <br> the ovirt aaa ldap setup again without disturbing the current setup? <br> Will that help me to correct the problem? <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 01:23 PM, Ondra Machacek wrote: <br> <blockquote type="cite">----- Anantha Raghava <a class="moz-txt-link-rfc2396E" href="mailto:raghav@exzatechconsulting.com"><raghav@exzatechconsulting.com></a> wrote: <br> <blockquote type="cite">Hello Ondra <br> <br> Please find the attached file. I have also attached the setup log file. <br> I find the errors & warnings there too. But I am unable to figure out <br> what really went wrong. <br> <br> One more thing, while setting aaa-ldap extension, since it threw error <br> on user DN, did not properly recognise, I used "anonymous", also did not <br> perform the Login Test. Are these the root cause? <br> </blockquote> Yes, it is root cause. Active directory usually has anonymous bind disabled. You can enter UPN instead of DN, if you want. In your case it will be something like <a class="moz-txt-link-abbreviated" href="mailto:vdiadmin@rvce.in">vdiadmin@rvce.in</a>. Please note that AD usually use CN attribute in DN, not uid attribute, that may be the problem in your DN. <br> <blockquote type="cite">-- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> On Wednesday 28 September 2016 12:18 PM, Ondra Machacek wrote: <br> <blockquote type="cite">On 09/28/2016 05:25 AM, Anantha Raghava wrote: <br> <blockquote type="cite">Hi, <br> <br> I am trying to integrate the oVirt Engine with Active Directory to <br> enable user logins. I installed the ovirt ldap extension and executed <br> the setup. The process completed successfully and the profile is visible <br> in engine log in page. <br> </blockquote> Most probably it wasn't successful, because as you can see in <br> screenshot there is no 'namespace', you should see there something, if <br> configuration is correct. <br> <br> Can you please send output of the following command? <br> <br> $ ovirt-engine-extensions-tool --log-level=FINEST <br> --log-file=/tmp/aaa.log aaa search --extension-name=domain-authz <br> <br> There should be some ERROR or WARN. <br> <br> Thanks. <br> <br> <blockquote type="cite">Now, when I try to add the user and assign the roles, it is not allowing <br> me to browse through the profile & the user list. Infact the "GO" button <br> gets deactivated as shown in the screenshot. <br> <br> How do I set this right and get the user list? <br> <br> -- <br> <br> Thanks & Regards, <br> <br> <br> Anantha Raghava <br> <br> eXza Technology Consulting & Services <br> <br> <br> Do not print this e-mail unless required. Save Paper & trees. <br> <br> <br> <br> _______________________________________________ <br> Users mailing list <br> <a class="moz-txt-link-abbreviated" href="mailto:Users@ovirt.org">Users@ovirt.org</a> <br> <a class="moz-txt-link-freetext" href="http://lists.ovirt.org/mailman/listinfo/users">http://lists.ovirt.org/mailman/listinfo/users</a> <br> <br> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> </blockquote> <br> </blockquote> <br> </blockquote> <br> </blockquote> </blockquote> <br> </body> </html> --------------834EC06451ACB404FC8221BF--