--Alternative_=_Boundary_=_1410391296 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable William<br><br>Thank you as well I have noticed from the logs that if the m= anager interface isn't used in a while it has to reinitialize or renew the = ticket in the cache. This process can cause a noticeable delay in logins an= d using a keytab. This is a part of (but not the whole) reason keytabs exis= t in kerberos.<br><br><span style=3D"font-family:Prelude, Verdana, san-seri= f;"><br><br></span><span id=3D"signature"><div style=3D"font-family: arial,= sans-serif; font-size: 12px;color: #999999;">-- Sent from my HP Pre3</div>= <br></span><span style=3D"color:navy; font-family:Prelude, Verdana, san-ser= if; "><hr align=3D"left" style=3D"width:75%">On Sep 10, 2014 7:11 PM, Willi= am Law <wlaw@stanford.edu> wrote: <br><br></span>OK, thanks. Is ther= e a way to perform it without manage-domains currently or in 3.5?=0D<br>=0D= <br>Regards,=0D<br>=0D<br>Will=0D<br>=0D<br>On Sep 10, 2014, at 4:07 PM, Ya= ir Zaslavsky <yzaslavs@redhat.com> wrote:=0D<br>=0D<br>> =0D<br>&g= t; =0D<br>> ----- Original Message -----=0D<br>>> From: "William L= aw" <wlaw@stanford.edu>=0D<br>>> To: "users" <users@ovirt.or= g>=0D<br>>> Sent: Thursday, September 11, 2014 1:53:04 AM=0D<br>&g= t;> Subject: [ovirt-users] adding machine to openldap + kerberos with a = keytab=0D<br>>> =0D<br>>> Hi,=0D<br>>> =0D<br>>> Wh= en I try to use engine-manage-domains it seems to expect an account to sign= =0D<br>>> in with. Is there any way to use a key tab? It seems like= it does all this=0D<br>>> under the surface eventually; I'd just lik= e to do it up front.=0D<br>>> =0D<br>>> Even a pointer to "manu= al" adding instructions would be very helpful.=0D<br>>> =0D<br>>&g= t; Thanks,=0D<br>>> =0D<br>>> Will=0D<br>> =0D<br>> Hi Wi= ll,=0D<br>> No way to perform this with manage domains at the moment.=0D= <br>> =0D<br>> Not sure if we will invest in this, as in oVirt 3.5 we= introduce a pluggable architecture for AAA, based on extensions + configur= ation files =0D<br>> managed-domains should be used to support existing = setups that will undergo upgrade to 3.5 (or of course, will remain in their= current versions).=0D<br>> =0D<br>>> ____________________________= ___________________=0D<br>>> Users mailing list=0D<br>>> Users@= ovirt.org=0D<br>>> http://lists.ovirt.org/mailman/listinfo/users=0D<b= r>>> =0D<br>=0D<br>=0D<br>___________________________________________= ____=0D<br>Users mailing list=0D<br>Users@ovirt.org=0D<br>http://lists.ovir= t.org/mailman/listinfo/users=0D<br> --Alternative_=_Boundary_=_1410391296--