
Le 20 avr. 2016 à 10:16, Ondra Machacek <omachace@redhat.com> a écrit :
On 04/19/2016 07:46 PM, Fabrice Bacchella wrote:
Le 19 avr. 2016 à 17:35, Ondra Machacek <omachace@redhat.com> a écrit :
On 04/19/2016 04:37 PM, Fabrice Bacchella wrote:
I tried to plug ovirt using my company AD.
But I have a problem, the DNS srv records are not well managed and I can't use them so I changed pool.default.serverset.type from srvrecord to failover.
With AD you should use srvrecord, unless you have somehow miscofigured AD. Can you please elaborate more what does it mean 'DNS srv records are not well managed'?
The command dig +short _ldap._tcp.dsone.3ds.com any | wc -l return 122 lines. Out of that, I can only use less than 10, all other generates timeout. I don't know if it's firewall or forgotten DC that generate that. There is no way I can use srvrecord. This domain is totally out of my reach, I have to take it as is.
ok, that's not good, but if some of the domains which are working are in same site, you can use 'domain-conversion'(works only with srvrecord): pool.default.serverset.srvrecord.domain-conversion.type = regex pool.default.serverset.srvrecord.domain-conversion.regex.pattern = ^(?<domain>.*)$ pool.default.serverset.srvrecord.domain-conversion.regex.replacement = WORKING-SITE._sites.${domain}
What is that supposed to do ? All my DC are in the form xx-xxx-dcs99.${domain} and I have to pick a in this list. dig _sites.${domain} return nothing for me what a regex will do ?
Is that your case? Can you please share log of extensions-tool, so we can better understand your problem and provide better help.
I have no knowledge about AD, I'm a 100% linux sysadmin and just use AD as an LDAP server, so all those forest/GC are unknown things for me. I will send that in a private mail.