On Wed, Dec 10, 2014 at 6:36 PM, Alon Bar-Lev <alonbl@redhat.com> wrote:

it should be even simpler... :)

1. copy recursive /usr/share/ovirt-engine-extension-aaa-ldap/examples/simple to /etc/ovirt-engine

2. edit /etc/ovirt-engine/aaa/ldap1.properties, set vars.server, vars.user, vars.password to meet your setup, uncomment ipa on top and comment out the openldap.

3. until 3.5.1 you should also edit /etc/ovirt-engine/extensions.d/*.properties and replace ../aaa with /etc/ovirt-engine/aaa

Alon

OK. Done and restarted the engine.

Now in webadmin I see ldap1 as a new profile.

But if from admin in configure I try to give a system permission I have this window with "GO " greyed out...

https://drive.google.com/file/d/0BwoPbcrMv8mvaGVvVmJpazFwTFk/view?usp=sharing

BTW: I tried my IPA lookup just for trying.... and I'm able to find all the users and also new users defined after migration to the new c7server.... ???

https://drive.google.com/file/d/0BwoPbcrMv8mvbks2cmlhSmJjdnc/view?usp=sharing

Gianluca