I got a little further.
When testing after the setup, I got a Credential Invalid error until I added what Edward
previously suggested, except I had to use "Person" instead of
"inetOrgPerson" because my LDAP server doesn't provide uidObject as well.
Line added to /etc/ovirt-engine/aaa/MYDOMAIN.com.properties:
sequence.openldap-init-vars.040.var-set.value = (objectClass=Person)
Once I did that and restarted the service, ovirt-engine-extensions-tool gives me the
following below. Not sure why it won't pull the principal record.
2019-09-06 10:50:15,032-04 INFO ========================================================================
2019-09-06 10:50:15,032-04 INFO ============================== Execution ===============================
2019-09-06 10:50:15,032-04 INFO ========================================================================
2019-09-06 10:50:15,033-04 INFO Iteration: 0
2019-09-06 10:50:15,033-04 INFO Profile='MYDOMAIN.com' authn='MYDOMAIN.com-authn' authz='MYDOMAIN.com' mapping='null'
2019-09-06 10:50:15,034-04 INFO API: -->Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='MYDOMAIN.com' user='MYUSERNAME'
Password:
2019-09-06 10:50:18,822-04 INFO API: <--Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS profile='MYDOMAIN.com' result=SUCCESS
2019-09-06 10:50:18,824-04 INFO --- Begin AuthRecord ---
2019-09-06 10:50:18,824-04 INFO --- End AuthRecord ---
2019-09-06 10:50:18,825-04 INFO API: -->Authz.InvokeCommands.FETCH_PRINCIPAL_RECORD principal='null'
2019-09-06 10:50:18,837-04 SEVERE Cannot locate principal 'null'